feathers-sequelize is vulnerable to sql injection attacks. The vulnerability exists in the_find
function of index.js
because the parameters are not properly filtered which allows an attacker to inject and execute arbitrary sql queries.
CPE | Name | Operator | Version |
---|---|---|---|
feathers-sequelize | le | 6.3.3 | |
feathers-sequelize | le | 6.3.3 |