Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2021-35042

Disclosure Date: July 02, 2021 (last updated November 08, 2023)
Django 3.1.x before 3.1.13 and 3.2.x before 3.2.5 allows QuerySet.order_by SQL injection if order_by is untrusted input from a client of a web application.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0