CVE-2013-6001

SQL injection vulnerability in the Space function in Cybozu Garoon before 3.7 SP1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

Date published : 2013-12-05

http://cs.cybozu.co.jp/information/20131202up01.php

http://products.cybozu.co.jp/garoon/download/update/gr3/fix371sp1.html