sequelize is vulnerable to SQL Injection attacks. A specifically crafted attack statement through query-generator.js
allows a malicious user to inject and execute arbitrary SQL queries on the target system due to improper attribute filtering.
CPE | Name | Operator | Version |
---|---|---|---|
sequelize | le | 6.28.2 | |
sequelize | le | 7.0.0-next.1 | |
sequelize | le | 6.28.2 | |
sequelize | le | 7.0.0-next.1 |