diff --git a/src/CoreShop/Bundle/CoreBundle/Controller/CustomerTransformerController.php b/src/CoreShop/Bundle/CoreBundle/Controller/CustomerTransformerController.php
index 7b4de23fba..b48dcf8e9f 100644
--- a/src/CoreShop/Bundle/CoreBundle/Controller/CustomerTransformerController.php
+++ b/src/CoreShop/Bundle/CoreBundle/Controller/CustomerTransformerController.php
@@ -40,7 +40,7 @@ public function checkForNameDuplicatesAction(Request $request): JsonResponse
 
         if ($value !== null) {
             $list = $this->getCompanyRepository()->getList();
-            $list->addConditionParam(sprintf('name LIKE "%%%s%%"', (string) $value));
+            $list->addConditionParam('name LIKE ?', '%' . $value . '%');
             $foundObjects = $list->getData();
         }
 
diff --git a/src/CoreShop/Bundle/CoreBundle/Report/CategoriesReport.php b/src/CoreShop/Bundle/CoreBundle/Report/CategoriesReport.php
index a308ad3c85..f3011b3725 100644
--- a/src/CoreShop/Bundle/CoreBundle/Report/CategoriesReport.php
+++ b/src/CoreShop/Bundle/CoreBundle/Report/CategoriesReport.php
@@ -136,10 +136,10 @@ public function getReportData(ParameterBag $parameterBag): array
             INNER JOIN object_query_$orderItemClassId AS orderItems ON orderItems.product__id = catProductDependencies.targetId
             INNER JOIN object_relations_$orderClassId AS orderRelations ON orderRelations.dest_id = orderItems.oo_id AND orderRelations.fieldname = \"items\"
             INNER JOIN object_query_$orderClassId AS `orders` ON `orders`.oo_id = orderRelations.src_id
-            WHERE orders.store = :storeId" . $orderStateInClause . " AND orders.orderDate > :fromTimestamp AND orders.orderDate < :toTimestamp AND orderItems.product__id IS NOT NULL
+            WHERE orders.store = :storeId" . $orderStateInClause . ' AND orders.orderDate > :fromTimestamp AND orders.orderDate < :toTimestamp AND orderItems.product__id IS NOT NULL
             GROUP BY categories.oo_id
             ORDER BY quantityCount DESC
-            LIMIT " . (int) $offset . ', ' . (int) $limit;
+            LIMIT ' . (int) $offset . ', ' . (int) $limit;
             $results = $this->db->fetchAllAssociative($query, $queryParameters);
         }
 
diff --git a/src/CoreShop/Bundle/CoreBundle/Report/ProductsReport.php b/src/CoreShop/Bundle/CoreBundle/Report/ProductsReport.php
index 7a02e16fc1..813b06a0f2 100644
--- a/src/CoreShop/Bundle/CoreBundle/Report/ProductsReport.php
+++ b/src/CoreShop/Bundle/CoreBundle/Report/ProductsReport.php
@@ -151,10 +151,10 @@ public function getReportData(ParameterBag $parameterBag): array
                 INNER JOIN object_relations_$orderClassId AS orderRelations ON orderRelations.src_id = orders.oo_id AND orderRelations.fieldname = \"items\"
                 INNER JOIN object_query_$orderItemClassId AS orderItems ON orderRelations.dest_id = orderItems.oo_id
                 INNER JOIN object_localized_query_" . $orderItemClassId . '_' . $locale . " AS orderItemsTranslated ON orderItems.oo_id = orderItemsTranslated.ooo_id
-                WHERE `orders`.store = :storeId AND $productTypeCondition" . $orderStateInClauseOrders . " AND `orders`.orderDate > :fromTimestamp AND `orders`.orderDate < :toTimestamp
+                WHERE `orders`.store = :storeId AND $productTypeCondition" . $orderStateInClauseOrders . ' AND `orders`.orderDate > :fromTimestamp AND `orders`.orderDate < :toTimestamp
                 GROUP BY orderItems.objectId
                 ORDER BY orderCount DESC
-                LIMIT " . (int) $offset . ', ' . (int) $limit;
+                LIMIT ' . (int) $offset . ', ' . (int) $limit;
         }
 
         $queryParameters = array_merge([
diff --git a/src/CoreShop/Bundle/FrontendBundle/Resources/assets/package-lock.json b/src/CoreShop/Bundle/FrontendBundle/Resources/assets/package-lock.json
index 5f83d58ef8..3a5abda515 100644
--- a/src/CoreShop/Bundle/FrontendBundle/Resources/assets/package-lock.json
+++ b/src/CoreShop/Bundle/FrontendBundle/Resources/assets/package-lock.json
@@ -6127,10 +6127,11 @@
       }
     },
     "node_modules/lodash": {
-      "version": "4.17.21",
-      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz",
-      "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==",
-      "dev": true
+      "version": "4.17.23",
+      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.23.tgz",
+      "integrity": "sha512-LgVTMpQtIopCi79SJeDiP0TfWi5CNEc/L/aRdTh3yIvmZXTnheWpKjSZhnvMl8iXbC1tFg9gdHHDMLoV7CnG+w==",
+      "dev": true,
+      "license": "MIT"
     },
     "node_modules/lodash.debounce": {
       "version": "4.0.8",