Django fixes SQL Injection vulnerability in new releases Django, an open source Python-based web framework has patched a high severity vulnerability in its latest releases.

An attacker with access to the PandasAI interface can perform prompt injection attacks, instructing the connected LLM to translate malicious natural language inputs into executable Python or SQL code.

While Forristal looked at Microsoft's software first, SQL injection was an industry-wide problem; sites using Java, PHP, ColdFusion, Ruby, and Python have all had SQL injection flaws.