Description
An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. QuerySet.annotate(), QuerySet.alias(), QuerySet.aggregate(), and QuerySet.extra() are subject to SQL injection in column aliases when a suitably crafted dictionary is passed, via dictionary expansion, as the **kwargs to these methods (on MySQL and MariaDB). The dictionary keys become column aliases in the generated SQL, so an application that lets untrusted input supply those keys is exposed.
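The pattern the advisory describes is request data ending up as the keys of the dictionary expanded into annotate()/alias()/aggregate()/extra(). As an added, defensive illustration (not code from the Django project or from this advisory), the following shows an application-side guard: aliases are validated as plain identifiers, and user input only selects from a server-defined set of annotations rather than naming the alias itself. ALLOWED_ANNOTATIONS, validate_alias_kwargs, build_annotations and annotate_safely are names assumed for this example; the expression values are placeholder strings standing in for Django expressions.

```python
import re

# A column alias must be a plain identifier; anything else is refused outright.
# (Assumed helper names; this is not Django's own validation.)
ALIAS_RE = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*$")


def validate_alias_kwargs(kwargs: dict, max_len: int = 63) -> dict:
    """Return kwargs unchanged when every key is a safe identifier; raise otherwise."""
    bad = [
        k for k in kwargs
        if not isinstance(k, str) or not k or len(k) > max_len or not ALIAS_RE.match(k)
    ]
    if bad:
        raise ValueError(f"refusing unsafe column alias(es): {bad!r}")
    return kwargs


# Safer still: the client picks from a fixed, server-defined set of annotations,
# so request data never becomes a kwarg key at all.
# Values are constructed placeholders standing in for expressions such as Count("orders").
ALLOWED_ANNOTATIONS = {
    "order_count": "Count('orders')",
    "last_session": "Max('sessions__created')",
}


def build_annotations(requested: list) -> dict:
    """Map requested names onto allowlisted aliases; unknown names are dropped, never echoed."""
    chosen = {name: ALLOWED_ANNOTATIONS[name] for name in requested if name in ALLOWED_ANNOTATIONS}
    return validate_alias_kwargs(chosen)


def annotate_safely(queryset, requested: list):
    """Apply only allowlisted, validated aliases through the **kwargs expansion the advisory covers."""
    return queryset.annotate(**build_annotations(requested))
```

Upgrading to 4.2.25, 5.1.13 or 5.2.7 is the actual fix; the guard above is for the application layer, where alias names should never be derived from untrusted input in the first place.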
Remediation
Upgrade Django to 4.2.25, 5.1.13, or 5.2.7 (or later in the same series). Until then, do not let untrusted input supply the keys passed via **kwargs to annotate(), alias(), aggregate(), or extra().