Django 1.11.28 release notes — Django documentation

From Get docs

Django/docs/2.2.x/releases/1.11.28

Jump to:navigation, search

Django 1.11.28 release notes

February 3, 2020

Django 1.11.28 fixes a security issue in 1.11.27.

CVE-2020-7471: Potential SQL injection via StringAgg(delimiter)

StringAgg aggregation function was subject to SQL injection, using a suitably crafted delimiter.

Retrieved from "https://getdocs.org/index.php?title=Django/docs/2.2.x/releases/1.11.28&oldid=36644"

Django 2.2.x documentation