CVE-2013-10013

The CVE concerns the Bricco Authenticator Plugin, specifically the DBAuthenticator.java authenticate/compare path. The vulnerability allows SQL injection due to improper handling in that function. Affected versions are prior to 1.39. Upgrading to version 1.39 addresses the issue (patch a5456633ff...