1
0
mirror of https://github.com/django/django.git synced 2025-10-05 04:49:09 +00:00
Mariusz Felisiak 41b43c74bd Fixed CVE-2025-59681 -- Protected QuerySet.annotate(), alias(), aggregate(), and extra() against SQL injection in column aliases on MySQL/MariaDB.
Thanks sw0rd1ight for the report.

Follow up to 93cae5cb2f9a4ef1514cf1a41f714fef08005200.
2025-10-01 08:11:45 -04:00
..
2024-01-26 12:45:07 +01:00