Debian Security Advisory 1818-1 - Laurent Almeras and Guillaume Smet have discovered a possible SQL injection vulnerability and cross-site scripting vulnerabilities in gforge, a collaborative development tool. Due to insufficient input sanitising, it was possible to inject arbitrary SQL statements and use several parameters to conduct cross-site scripting attacks.
ef3ab886c53dfa59ff5ebaf2e13c7fc33993ce4e386d80d7b4077eb59b1d7f05