Description

An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed **kwargs.

Remediation

References

CVE-2022-28346

Related Vulnerabilities

WordPress Plugin Elementor-Header, Footer & Blocks Template Multiple Cross-Site Scripting Vulnerabilities (1.5.7)

WordPress 5.1.x Multiple Vulnerabilities (5.1 - 5.1.17)

WordPress Plugin Yoast SEO Cross-Site Scripting (22.6)

WordPress Plugin WordPress Simple Shop Cross-Site Scripting (1.2)

Rukovoditel Cross-site Scripting (XSS) Vulnerability (CVE-2019-7541)

Severity

Critical

Classification

CVE-2022-28346 CWE-138 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities