java CWE89:SQL命令中使用的特殊元素的不正确中和（“SQL注入”）

我收到以下警告：

CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') exception at insertCount = aBatchPstmt.executeBatch(); SQL injections can be prevented by using parameterised query

我相信我遵循了这个建议，但我仍然看到了同样的信息。 我该如何解决这个问题

    int[] insertCount = null;
    if (stmtLogList.size() > 0) {
        Connection dbConnection = getDBConnection();
        PreparedStatement aBatchPstmt = null;
        try {

            String anInsertQuery = "INSERT INTO " + getDBName() + ".dbo."
                    + "statementGenerationlog  (CountryCode,CIFNumber,FileName,ZipFilename,Status,BatchRunDate,logDesc,FileType) values (?,?,?,?,?,?,?,?)";

            aBatchPstmt = dbConnection.prepareStatement(anInsertQuery);
            for (StatementGenerationLogBean aLogDetails : stmtLogList) {
                aBatchPstmt.setString(1, aLogDetails.getCountryCode());
                aBatchPstmt.setString(2, aLogDetails.getCifNumber());
                aBatchPstmt.setString(3, aLogDetails.getFileName());
                aBatchPstmt.setString(4, aLogDetails.getZipFileName());
                aBatchPstmt.setInt(5, aLogDetails.getStatus());
                aBatchPstmt.setString(6, aLogDetails.getBatchRunDate());
                aBatchPstmt.setString(7, aLogDetails.getLogDesc());
                aBatchPstmt.setString(8, aLogDetails.getFileType());
                aBatchPstmt.addBatch();
            }
            insertCount = aBatchPstmt.executeBatch();

        } finally {
            closeDB(dbConnection);
            closePreparedStatement(aBatchPstmt);
        }
    }
    return insertCount;

}