CVE-2008-2381
Publication date 2 January 2009
Last updated 24 July 2024
Ubuntu priority
SQL injection vulnerability in the create function in common/include/GroupJoinRequest.class in GForge 4.5 and 4.6 allows remote attackers to execute arbitrary SQL commands via the comments variable.