CVE-2018-3754
The CVE-2018-3754 issue affects the Node.js third‑party module query-mysql, specifically versions 0.0.0, 0.0.1, and 0.0.2. The root cause is lack of input sanitization, allowing SQL injection where user-supplied values are concatenated into queries (e.g., building queries like SELECT * FROM table...