Description
Django 1.11 before 1.11.28, 2.2 before 2.2.10, and 3.0 before 3.0.3 allows SQL Injection if untrusted data is used as a StringAgg delimiter (e.g., in Django applications that offer downloads of data as a series of rows with a user-specified column delimiter). By passing a suitably crafted delimiter to a contrib.postgres.aggregates.StringAgg instance, it was possible to break escaping and inject malicious SQL.
Remediation
References
Related Vulnerabilities
W3 Total Cache CVE-2019-6715 Vulnerability (CVE-2019-6715)
Jenkins Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-27901)
WordPress Plugin File Manager Unspecified Vulnerability (5.1.5)
Apache HTTP Server Session Fixation Vulnerability (CVE-2001-1534)
WordPress Plugin WP Ad Guru Lite Cross-Site Scripting (1.6.0)