Multiple SQL injection vulnerabilities in StatusNet 1.0 prior to 1.0.2 and 1.1.0 allow remote malicious users to execute arbitrary SQL commands via vectors related to user lists and "a particular tag format."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
status statusnet 1.0.1 |
||
status statusnet 1.0.0 |
||
status statusnet 1.1.0 |