
Jezdez

#25315 of 53,633
9.8 Total CVSS
Vulnerabilities · 1
PT-2021-18736
9.8
2021-04-14
Django · Django Debug Toolbar · CVE-2021-30459
**Name of the Vulnerable Software and Affected Versions**

- Django Debug Toolbar versions 1.x through 1.11.0
- Django Debug Toolbar versions 2.x through 2.2.0
- Django Debug Toolbar versions 3.x through 3.2.0

**Description**

A SQL Injection issue in the SQL Panel allows attackers to execute SQL statements by changing the `raw sql` input field of the SQL explain, analyze, or select form. This is a high severity issue for anyone using the toolbar in a production environment.

**Recommendations**

- For Django Debug Toolbar version 1.x, upgrade to version 1.11.1.
- For Django Debug Toolbar version 2.x, upgrade to version 2.2.1.
- For Django Debug Toolbar version 3.x, upgrade to version 3.2.1.