Debian : Security Vulnerabilities, CVEs, Published In 2015 (Sql injection)
Quassel before 0.12.2 does not properly re-initialize the database session when the PostgreSQL database is restarted, which allows remote attackers to conduct SQL injection attacks via a \ (backslash) in a message. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4422.
Max CVSS
7.5
EPSS Score
0.11%
Published
2015-05-14
Updated
2016-12-06
1 vulnerabilities found