CVE-2021-30459 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2021-30459 Interim 1 2 2021-12-09T02:21:11Z current 2021-09-30T01:41:23Z 2021-12-09T02:21:11Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2021-30459 A SQL Injection issue in the SQL Panel in Jazzband Django Debug Toolbar before 1.11.1, 2.x before 2.2.1, and 3.x before 3.2.1 allows attackers to execute SQL statements by changing the raw_sql input field of the SQL explain, analyze, or select form. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Tumbleweed python36-django-debug-toolbar-3.2.1-1.2 python38-django-debug-toolbar-3.2.1-1.2 python39-django-debug-toolbar-3.2.1-1.2 python36-django-debug-toolbar-3.2.1-1.2 as a component of openSUSE Tumbleweed python38-django-debug-toolbar-3.2.1-1.2 as a component of openSUSE Tumbleweed python39-django-debug-toolbar-3.2.1-1.2 as a component of openSUSE Tumbleweed A SQL Injection issue in the SQL Panel in Jazzband Django Debug Toolbar before 1.11.1, 2.x before 2.2.1, and 3.x before 3.2.1 allows attackers to execute SQL statements by changing the raw_sql input field of the SQL explain, analyze, or select form. CVE-2021-30459 openSUSE Tumbleweed:python36-django-debug-toolbar-3.2.1-1.2 openSUSE Tumbleweed:python38-django-debug-toolbar-3.2.1-1.2 openSUSE Tumbleweed:python39-django-debug-toolbar-3.2.1-1.2 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H