Description
An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed **kwargs.
Remediation
References
Related Vulnerabilities
Jenkins Improper Input Validation Vulnerability (CVE-2018-1999002)
WordPress Plugin Media Library Categories Multiple Cross-Site Scripting Vulnerabilities (1.1.1)
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-0701)
CubeCart Improper Input Validation Vulnerability (CVE-2013-1465)
Microsoft SQL Server Remote Code Execution Vulnerability (CVE-2019-1068)