CVE-2013-4422 (retired)

SQL injection vulnerability in Quassel IRC before 0.9.1, when Qt 4.8.5 or
later and PostgreSQL 8.2 or later are used, allows remote attackers to
execute arbitrary SQL commands via a \ (backslash) in a message.
 jdstrand> per upstream, "This bug was a introduced due to a bugfix in Qt 4.8.5
  disables slash escaping when binding queries:
 jdstrand> Ubuntu 13.04 and earlier do not have Qt 4.8.5
More Information

Updated: 2019-03-26 12:09:51 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)