The Django development team has issued security updates after discovering a high-severity SQL injection flaw in the FilteredRelation feature.
This flaw could allow attackers to run harmful database commands by crafting unexpected query parameters. Users running Django 5.2, 5.1, or 4.2 should upgrade immediately to protect their applications.
https://gbhackers.com/django-web-vulnerability/