2020-07-07 18:11:35
mitre
PUBLISHED
WebChess 1.0 allows SQL injection via the messageFrom, gameID, opponent, messageID, or to parameter.