Note di rilascio di Django 1.11.28
3 Febbraio 2020
Django 1.11.28 risolve un problema di sicurezza in 1.11.27.
CVE-2020-7471: Potential SQL injection via StringAgg(delimiter)
StringAgg
aggregation function was
subject to SQL injection, using a suitably crafted delimiter
.