Description
A SQL injection issue was discovered in QuerySet.explain() in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. This occurs by passing a crafted dictionary (with dictionary expansion) as the **options argument, and placing the injection payload in an option name.
Remediation
References
Related Vulnerabilities
Python Improper Input Validation Vulnerability (CVE-2013-7338)
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-5447)
WordPress Plugin LifterLMS-WP LMS for eLearning, Online Courses, & Quizzes Security Bypass (3.34.5)
SharePoint Deserialization of Untrusted Data Vulnerability (CVE-2026-40357)
Craft CMS Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability (CVE-2026-27128)