Published:2014/01/28  Last Updated:2014/01/28

Information from Cybozu, Inc.

Vulnerability ID:JVN#91153528
Title:Multiple SQL injection vulnerabilities in Cybozu Garoon
Status:Vulnerable

This is a statement from the vendor itself with no modification by JPCERT/CC.

For more information about this vulnerability, please see our Japanese website.

Cybozu Garoon contains an SQL injection vulnerability on the page navigation link.
http://cs.cybozu.co.jp/information/20140127up02.php

Cybozu Garoon contains an issue in processing input through API, which may result in SQL injection.
http://cs.cybozu.co.jp/information/20140127up03.php