Description
The (1) FilePathField, (2) GenericIPAddressField, and (3) IPAddressField model field classes in Django before 1.4.11, 1.5.x before 1.5.6, 1.6.x before 1.6.3, and 1.7.x before 1.7 beta 2 do not properly perform type conversion, which allows remote attackers to have unspecified impact and vectors, related to "MySQL typecasting."
Remediation
References
Related Vulnerabilities
PHP Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2014-5459)
Ruby Improper Input Validation Vulnerability (CVE-2008-3657)
MyBB Server-Side Request Forgery (SSRF) Vulnerability (CVE-2016-9417)
Apache Tomcat CVE-2020-13943 Vulnerability (CVE-2020-13943)
WordPress Plugin 2Way VideoCalls and Random Chat-HTML5 Webcam Videochat Cross-Site Scripting (5.2.7)