diff --git a/vulnerable_repos/juice-shop/routes/updateProductReviews.ts b/vulnerable_repos/juice-shop/routes/updateProductReviews.ts
index c5d88cf..5cddd32 100644
--- a/vulnerable_repos/juice-shop/routes/updateProductReviews.ts
+++ b/vulnerable_repos/juice-shop/routes/updateProductReviews.ts
@@ -15,7 +15,7 @@ export function updateProductReviews () {
 return (req: Request, res: Response, next: NextFunction) => {
 const user = security.authenticatedUsers.from(req) // vuln-code-snippet vuln-line forgedReviewChallenge
 db.reviewsCollection.update( // vuln-code-snippet neutral-line forgedReviewChallenge
- { _id: req.body.id }, // vuln-code-snippet vuln-line noSqlReviewsChallenge forgedReviewChallenge
+ { _id: { $eq: req.body.id } }, // FIXED: use $eq to prevent NoSQL injection
 { $set: { message: req.body.message } },
 { multi: true } // vuln-code-snippet vuln-line noSqlReviewsChallenge
 ).then(
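Review bot: The new filter `{ _id: { $eq: req.body.id } }` still matches on the review id alone, so the ownership gap that the removed line tagged `forgedReviewChallenge` is not addressed. `user` is read two lines above but is not part of the query in the visible lines, which suggests any authenticated caller can overwrite another user's review. I would bind the filter to the caller, along the lines of `{ _id: { $eq: req.body.id }, author: user.data.email },`, with the field names to be confirmed against the review schema. I would also reject non-string ids up front (`if (typeof req.body.id !== 'string') return res.status(400).send()`) rather than relying on `$eq` alone. `{ multi: true }` is left in place although an `_id` equality match needs at most one document, so dropping it would limit the damage if the filter is ever loosened. The function body continues outside the hunk, so the `.then` handler may already use `user` in ways not visible here.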