SQL Injection in Jazzband Django Debug Toolbar

SQL Injection in Jazzband Django Debug Toolbar

CVE-2021-30459 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

A SQL Injection issue in the SQL Panel in Jazzband Django Debug Toolbar before 1.11.1, 2.x before 2.2.1, and 3.x before 3.2.1 allows attackers to execute SQL statements by changing the raw_sql input field of the SQL explain, analyze, or select form.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.