id,summary,reporter,owner,description,type,status,component,version,severity,resolution,keywords,cc,stage,has_patch,needs_docs,needs_tests,needs_better_patch,easy,ui_ux 11623,django.core.cache.backends.db does not escape table names,Fraser Nevett,nobody,"The table name is simply inserted verbatim into the SQL using string formatting, for example: {{{ #!python cursor.execute(""SELECT COUNT(*) FROM %s"" % self._table) }}} If the table name contains characters that require escaping, the generated SQL will be invalid and cause errors to occur.",,closed,Core (Cache system),dev,,fixed,,,Accepted,1,0,0,0,0,0