summaryrefslogtreecommitdiff
path: root/scripts
diff options
context:
space:
mode:
authorMariusz Felisiak <felisiak.mariusz@gmail.com>2022-04-01 08:10:22 +0200
committerMariusz Felisiak <felisiak.mariusz@gmail.com>2022-04-11 09:22:17 +0200
commit2c09e68ec911919360d5f8502cefc312f9e03c5d (patch)
treeb1b4a529359ced3a0bf9516e6c7c94669b0ee482 /scripts
parent8352b98e460f1b5349cd8a9a4ce35a573664c7c3 (diff)
[2.2.x] Fixed CVE-2022-28346 -- Protected QuerySet.annotate(), aggregate(), and extra() against SQL injection in column aliases.
Thanks Splunk team: Preston Elder, Jacob Davis, Jacob Moore, Matt Hanson, David Briggs, and a security researcher: Danylo Dmytriiev (DDV_UA) for the report. Backport of 93cae5cb2f9a4ef1514cf1a41f714fef08005200 from main.
Diffstat (limited to 'scripts')
0 files changed, 0 insertions, 0 deletions