Sql injection

Realization Concerto Critical Chain Planner aka CCPM 5.10.8071 has SQL Injection in at least in the taskupdt/taskdetails.aspx webpage via the projectname parameter...