diff --git a/webgoat-integration-tests/src/test/java/org/owasp/webgoat/SqlInjectionMitigationTest.java b/webgoat-integration-tests/src/test/java/org/owasp/webgoat/SqlInjectionMitigationTest.java
index d51af280c..d73f9128c 100644
--- a/webgoat-integration-tests/src/test/java/org/owasp/webgoat/SqlInjectionMitigationTest.java
+++ b/webgoat-integration-tests/src/test/java/org/owasp/webgoat/SqlInjectionMitigationTest.java
@@ -2,6 +2,9 @@ package org.owasp.webgoat;
 
 import org.junit.Test;
 
+import io.restassured.RestAssured;
+import io.restassured.http.ContentType;
+
 import java.util.HashMap;
 import java.util.Map;
 
@@ -33,7 +36,18 @@ public class SqlInjectionMitigationTest extends IntegrationTest {
 				"}");
 		checkAssignment(url("/WebGoat/SqlInjectionMitigations/attack10b"), params, true);
 		
-		//checkResults(webGoatCookie, webgoatURL, "/SqlInjectionMitigations/");
+		RestAssured.given()
+		.when().config(restConfig).cookie("JSESSIONID", getWebGoatCookie())
+		.contentType(ContentType.JSON)
+		.get(url("/WebGoat/SqlInjectionMitigations/servers?column=(case when (true) then hostname else id end)"))
+		.then()
+		.statusCode(200);
+
+		params.clear();
+		params.put("ip", "104.130.219.202");
+		checkAssignment(url("/WebGoat/SqlInjectionMitigations/attack12a"), params, true);
+
+		checkResults("/SqlInjectionMitigations/");
 	
 	}
 }
diff --git a/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/mitigation/SqlInjectionLesson10a.java b/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/mitigation/SqlInjectionLesson10a.java
index 1c531e2df..13e3c65d8 100644
--- a/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/mitigation/SqlInjectionLesson10a.java
+++ b/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/mitigation/SqlInjectionLesson10a.java
@@ -13,7 +13,7 @@ import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.ResponseBody;
 
-@AssignmentPath("SqlInjectionMitigations/attack10a")
+@AssignmentPath("/SqlInjectionMitigations/attack10a")
 @Slf4j
 @AssignmentHints(value = {"SqlStringInjectionHint-mitigation-10a-1", "SqlStringInjectionHint-mitigation-10a-10a2"})
 public class SqlInjectionLesson10a extends AssignmentEndpoint {
diff --git a/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/mitigation/SqlInjectionLesson10b.java b/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/mitigation/SqlInjectionLesson10b.java
index b47c7580c..3467ac521 100644
--- a/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/mitigation/SqlInjectionLesson10b.java
+++ b/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/mitigation/SqlInjectionLesson10b.java
@@ -18,7 +18,7 @@ import java.util.List;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
 
-@AssignmentPath("SqlInjectionMitigations/attack10b")
+@AssignmentPath("/SqlInjectionMitigations/attack10b")
 @AssignmentHints(value = {"SqlStringInjectionHint-mitigation-10b-1", "SqlStringInjectionHint-mitigation-10b-2", "SqlStringInjectionHint-mitigation-10b-3", "SqlStringInjectionHint-mitigation-10b-4", "SqlStringInjectionHint-mitigation-10b-5"})
 public class SqlInjectionLesson10b extends AssignmentEndpoint {
 
diff --git a/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/mitigation/SqlInjectionLesson12a.java b/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/mitigation/SqlInjectionLesson12a.java
index d99be9505..591576fde 100644
--- a/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/mitigation/SqlInjectionLesson12a.java
+++ b/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/mitigation/SqlInjectionLesson12a.java
@@ -20,7 +20,7 @@ import java.sql.*;
  * @author nbaars
  * @since 6/13/17.
  */
-@AssignmentPath("SqlInjectionMitigations/attack12a")
+@AssignmentPath("/SqlInjectionMitigations/attack12a")
 @AssignmentHints(value = {"SqlStringInjectionHint-mitigation-12a-1", "SqlStringInjectionHint-mitigation-12a-2", "SqlStringInjectionHint-mitigation-12a-3", "SqlStringInjectionHint-mitigation-12a-4"})
 @Slf4j
 public class SqlInjectionLesson12a extends AssignmentEndpoint {
diff --git a/webgoat-lessons/sql-injection/src/main/resources/html/SqlInjectionMitigations.html b/webgoat-lessons/sql-injection/src/main/resources/html/SqlInjectionMitigations.html
index 92cc1eca7..577e58996 100644
--- a/webgoat-lessons/sql-injection/src/main/resources/html/SqlInjectionMitigations.html
+++ b/webgoat-lessons/sql-injection/src/main/resources/html/SqlInjectionMitigations.html
@@ -128,7 +128,7 @@
                 <br/>
             </div>
         </form>
-        <form class="attack-form" method="POST" name="form" action="SqlInjection/attack12a">
+        <form class="attack-form" method="POST" name="form" action="/WebGoat/SqlInjectionMitigations/attack12a">
             <div class="form-group">
                 <div class="input-group">
                     <div class="input-group-addon">IP address webgoat-prd server:</div>