Description
An issue was discovered in Django 3.2 before 3.2.14 and 4.0 before 4.0.6. The Trunc() and Extract() database functions are subject to SQL injection if untrusted data is used as the kind argument of Trunc() or the lookup_name argument of Extract(): the value is placed into the generated SQL rather than bound as a query parameter. Applications that constrain the lookup name and kind choice to a known safe list are unaffected.
Remediation
Upgrade to Django 3.2.14 or 4.0.6, or a later release. Until the upgrade is in place, never pass request-controlled strings to Trunc(kind) or Extract(lookup_name); accept only values from a fixed allowlist of the lookup names and kinds the application actually needs, and reject everything else before it reaches the ORM.
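The following is an added example, not code from this advisory or from the Django project. It shows the allowlist check described above beside a simplified model of the unsafe string interpolation that made the issue possible, plus a hypothetical Django view (the `Event` model, the `myapp` module and the `kind` query parameter are assumptions) that only hands an allowlisted kind to Trunc(). The documented lookup names and kinds in the allowlists are those Django supports for Extract() and Trunc(); the SQL-building helpers are a model for illustration, not Django's implementation.

```python
# Lookup names documented for Django's Extract() and kinds documented for Trunc().
# Anything not in these frozensets is rejected before it reaches the ORM.
EXTRACT_LOOKUP_NAMES = frozenset({
    "year", "iso_year", "quarter", "month", "week", "week_day", "iso_week_day",
    "day", "hour", "minute", "second",
})
TRUNC_KINDS = frozenset({
    "year", "quarter", "month", "week", "day", "date", "time",
    "hour", "minute", "second",
})


def validated_lookup(value, allowed):
    """Return `value` only if it is exactly one of `allowed`, else raise ValueError.

    Exact set membership (no normalisation, no regex) is the simplest check that
    cannot be bypassed: a crafted value is not in the set and is refused outright,
    and a non-string (None, list from a repeated parameter) is refused as well.
    """
    if not isinstance(value, str) or value not in allowed:
        raise ValueError("unsupported lookup name/kind: %r" % (value,))
    return value


def unsafe_extract_sql(column, lookup_name):
    """Simplified model (NOT Django's code) of the vulnerable pattern: the lookup
    name is interpolated into the SQL text as-is, so it can close the EXTRACT()
    call and append arbitrary SQL."""
    return "EXTRACT(%s FROM %s)" % (lookup_name.upper(), column)


def safe_extract_sql(column, lookup_name):
    """Same construction, but only a value that passed the allowlist is ever
    interpolated, so the output is one of a fixed set of statements."""
    name = validated_lookup(lookup_name, EXTRACT_LOOKUP_NAMES)
    return "EXTRACT(%s FROM %s)" % (name.upper(), column)


def events_by_period(request):
    """Hypothetical Django view (example only): counts Event rows per period chosen
    by the client, passing only an allowlisted kind to Trunc().

    Django imports are local to the view so the allowlist helpers above can be
    imported and unit-tested without Django installed.
    """
    from django.db.models import Count
    from django.db.models.functions import Trunc
    from django.http import JsonResponse
    from myapp.models import Event  # assumed model with a DateTimeField "created"

    try:
        kind = validated_lookup(request.GET.get("kind", "day"), TRUNC_KINDS)
    except ValueError:
        # Refuse rather than "sanitise": there is no safe way to repair the value.
        return JsonResponse({"error": "invalid kind"}, status=400)

    rows = (
        Event.objects.annotate(period=Trunc("created", kind))
        .values("period")
        .annotate(n=Count("id"))
        .order_by("period")
    )
    return JsonResponse({"kind": kind, "rows": list(rows)})
```

The same `validated_lookup()` guard applies to Extract(): look the request value up in `EXTRACT_LOOKUP_NAMES` before calling `Extract("created", lookup_name)`. Note that the check is case-sensitive on purpose; Django's lookup names are lowercase, and accepting "YEAR" would mean the allowlist no longer matches what the ORM sees.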
References
Related Vulnerabilities
ReviveAdserver Incorrect Authorization Vulnerability (CVE-2020-8142)
WordPress Plugin WP-SpamFree Anti-Spam Cross-Site Scripting (2.1.1.6)
Drupal Core 8.9.x Cross-Site Request Forgery (8.9.0 - 8.9.18)
Vulnerable package dependencies [high]
WordPress Plugin Appointment Booking Calendar Cross-Site Scripting (1.3.18)