CVE-2020-11010
CVE-2020-11010 affects Tortoise ORM prior to versions 0.15.23 and 0.16.6. The issue is a SQL injection vulnerability in filtering or mass-updating on char/text fields. MySQL is directly affected; SQLite and PostgreSQL are affected only when using contains, starts_with, or ends_with filters (and t...