CVE-2020-7471: Django SQL Injection Vulnerability Alert
Recently, Django officially released a security notice that announced a potential SQL injection vulnerability (CVE-2020-7471) that was exploited via StringAgg (delimiter). An attacker can pass the constructor delimiter to the django.contrib.postgres.aggregates.StringAgg aggregate function to...