Candidate: CVE-2008-2381
PublicDate: 2009-01-02 19:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2381
Description:
 SQL injection vulnerability in the create function in
 common/include/GroupJoinRequest.class in GForge 4.5 and 4.6 allows remote
 attackers to execute arbitrary SQL commands via the comments variable.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_gforge:
upstream_gforge: released (4.7~rc2-7)
dapper_gforge: ignored (reached end-of-life)
gutsy_gforge: needed (reached end-of-life)
hardy_gforge: ignored (reached end-of-life)
intrepid_gforge: needed (reached end-of-life)
jaunty_gforge: not-affected (4.7~rc2-7lenny3build0.9.04.1)
karmic_gforge: not-affected (4.7.3-2)
lucid_gforge: not-affected (4.8.2-1)
maverick_gforge: not-affected (4.8.2-1)
natty_gforge: DNE
oneiric_gforge: DNE
devel_gforge: DNE