CVE-2013-0701

SQL injection vulnerability in Cybozu Garoon 2.5.0 through 3.5.3 allows remote authenticated users to execute arbitrary SQL commands by leveraging a logging privilege.

Date published : 2013-02-14

http://cs.cybozu.co.jp/information/20130125up02.php

http://jvn.jp/en/jp/JVN07629635/index.html