id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
11623	django.core.cache.backends.db does not escape table names	Fraser Nevett	nobody	"The table name is simply inserted verbatim into the SQL using string formatting, for example:

{{{
#!python
cursor.execute(""SELECT COUNT(*) FROM %s"" % self._table)
}}}

If the table name contains characters that require escaping, the generated SQL will be invalid and cause errors to occur."		closed	Core (Cache system)	dev		fixed			Accepted	1	0	0	0	0	0