Fix Bug if-itb#1

Bug if-itb#1 Empty database password in getHsqldbConnection(String,
WebgoatContext) [Scary(7), Normal confidence]

Author: hapsaritilawah

webgoat-container/src/main/java/org/owasp/webgoat/session/DatabaseUtilities.java

@@ -9,6 +9,8 @@
 import java.sql.SQLException;
 import java.util.HashMap;
 import java.util.Map;
+import java.util.Properties;
+
 import org.apache.ecs.MultiPartElement;
 import org.apache.ecs.html.B;
 import org.apache.ecs.html.TD;
@@ -131,7 +133,10 @@ private static Connection getHsqldbConnection(String user, WebgoatContext contex
 			SQLException
 	{
 		String url = context.getDatabaseConnectionString().replaceAll("\\$\\{USER\\}", user);
-		return DriverManager.getConnection(url, "sa", "");
+		Properties props = new Properties();
+		props.setProperty("user","sa");
+		props.setProperty("password","");
+		return DriverManager.getConnection(url, props);
 	}
 
 	/**