Description
SQL injection vulnerability in managechat.php in Collabtive 0.65 allows remote attackers to execute arbitrary SQL commands via the chatstart[USERTOID] cookie in a pull action.
Remediation
References
Related Vulnerabilities
Oracle JRE CVE-2023-21967 Vulnerability (CVE-2023-21967)
Drupal Core 9.0.x Cross-Site Request Forgery (9.0.0 - 9.0.14)
SharePoint Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-1443)
CKEditor Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2021-26271)