JVN#82375148: Cybozu Garoon vulnerable to SQL injection

ID JVN:82375148
Type jvn
Reporter Japan Vulnerability Notes
Modified 2013-12-03T00:00:00


## Description

Cybozu Garoon provided by Cybozu, Inc. is a groupware. Cybozu Garoon contains a SQL injection vulnerability in the Space function.

## Impact

A user who can log in to the product may execute an arbitrary SQL command in the database that the product is referencing.

## Solution

Update the Software
Update to the latest version according to the information provided by the developer.

## Products Affected

  • Cybozu Garoon 3.7 and earlier