Sumit I. Siddharth discovered that Gforge, a collaborative development tool performs insufficient input sanitising, which allows SQL injection.
For the oldstable distribution (sarge) this problem has been fixed in version 3.1-31sarge2.
For the stable distribution (etch) this problem has been fixed in version 4.5.14-22etch1.
For the unstable distribution (sid) this problem will be fixed soon.
We recommend that you upgrade your gforge package.