CVE-2019-7548

CVE-2019-7548

SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled.

Source: CVE-2019-7548