The vulnerability of the QuerySet.values() and values_list() methods of the Django web application’s JSONField model allows a attacker to execute arbitrary code.
The vulnerability of the QuerySet.values and valueslist methods of the Django web application’s JSONField model is related to the lack of security measures for handling SQL queries. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending a specially crafted SQL query...