CVE-2016-1000225
The connected advisories identify a SQL Injection vulnerability in Sequelize involving models with the GEOMETRY DataType and GeoJSON handling. Specifically, unescaped single quotes in GeoJSON documents processed by ST_GeomFromGeoJSON (and GeomFromText for MySQL) allow injection in affected models...