CVE-2024-26164 - K7 Labs

CVE Number	Vulnerability	Product	Severity	Date
CVE-2024-26164	Microsoft Django backend for SQL Server Remote Code Execution Vulnerability	Microsoft Django Backend	Important	19-03-2024

The attacker performs SQL injection using a unsanitized parameter in the SQL query, leads to remote code execution in django backend.

Patch release date: Mar 12, 2024
Further information on this vulnerability is available at : CVE-2024-26164

SQL Server backend for Django