SQL Injection

litellm is vulnerable to SQL Injection. The vulnerability is due to improper handling of the ‘user_id’ parameter in the raw SQL query used for deleting users. This allows an attacker to inject malicious SQL commands, leading to potential unauthorized access to sensitive information such as API keys, user information, and tokens stored in the database.