CVE-2016-1218
Cybozu Garoon contains an SQL injection vulnerability in the Messages function affecting versions 3.0.0 through 4.2.1, prior to 4.2.2. The underlying issue allows an authenticated attacker to obtain or alter data in the database. Documented by multiple sources (NVD entry CVE-2016-1218; JVN/JVNDB ...