[ASA-202204-9] python-django: sql injection

An attacker is able to perform an SQL injection via a specially crafted input.