← Back to CVE List
CVE-2021-35042
Published:
2021-07-02T10:15Z
Last Modified:
2024-11-21T06:11Z
Source:
MITRE CVE List
License:
MITRE-CVE-TOS
Django 3.1.x before 3.1.13 and 3.2.x before 3.2.5 allows QuerySet.order_by SQL injection if order_by is untrusted input from a client of a web application. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt