CVE-2013-6001 Information

Description

SQL injection vulnerability in the Space function in Cybozu Garoon before 3.7 SP1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

Reference

http://cs.cybozu.co.jp/information/20131202up01.php http://jvn.jp/en/jp/JVN82375148/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2013-000114 http://products.cybozu.co.jp/garoon/download/update/gr3/fix371sp1.html https://support.cybozu.com/ja-jp/article/6955