LUUANHDUC

1 exploit Active since Jul 2021
CVE-2021-35042 NOMISEC CRITICAL WRITEUP
Django <3.1.13, <3.2.5 - SQL Injection
Django 3.1.x before 3.1.13 and 3.2.x before 3.2.5 allows QuerySet.order_by SQL injection if order_by is untrusted input from a client of a web application.
CVSS 9.8