Hi everyone - this is a notice for the sake of transparency with regard to a potential security vulnerability. The Django team released security fixes related to potential SQL injections. We've audited the Open Zaak code and found no vulnerable code paths that make this exploitable. To track this and prevent it in the future, I've created a Github issue: https://github.com/open-zaak/open-zaak/issues/1136