Django

Pierluigi Paganini July 04, 2022
Popular Django web framework affected by a SQL Injection flaw. Upgrade it now!

The development team behind the Django Project has addressed a high-severity SQL Injection flaw in its framework. Django is a free and open-source, Python-based web framework that follows the model–template–views (MTV) architectural pattern. Django is maintained by the independent organization Django Software Foundation. The latest releases of the framework, Django 4.0.6 and 3.2.14, addressed a high-severity SQL […]

Pierluigi Paganini March 31, 2018
Tens of thousands of misconfigured Django apps leak sensitive data

The security researcher FĂĄbio Castro discovered tens of thousands of Django apps that expose sensitive data because developers forget to disable the debug mode. Security researchers have discovered misconfigured Django applications that are exposing sensitive information, including passwords, API keys, or AWS access tokens. Django is a very popular high-level Python Web framework that allows rapid development of Python-based web applications. The […]