py-django: Potential SQL injection via tolerance parameter in GIS functions and aggregates on Oracle (CVE-2020-9402)
A flaw was found in Django in a way that GIS functions and aggregates on Oracle were subject to SQL injection, using a suitably crafted tolerance.
Fixed In Version:
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information