Vigil@nce - Vigil@nce - Django: SQL injection via QuerySet.order_by, analyzed on 18/08/2021
October 2021 by Vigil@nce
Vigil@nce - An attacker can use a SQL injection via QuerySet.order_by of Django, in order to read or alter data.
Plus d'information sur : https://vigilance.fr/vulnerability/Django-SQL-injection-via-QuerySet-order-by-36149