TypeORM vulnerable to SQL injection via crafted request to repository.save or repository.update

Summary SQL Injection vulnerability in TypeORM before 0.3.26 via crafted request to repository.save or repository.update due to the sqlstring call using stringifyObjects default to false. Details Vulnerable Code: js const username, city, name = req.body; const updateData = username, city, name,...