Quassel ≫ Quassel Core

CRLF injection vulnerability in Quassel Core before 0.3.0.3 allows remote attackers to spoof IRC messages as other users via a crafted CTCP message.