cruddl is vulnerable to sql injection attacks. The vulnerability exists because of the missing sanitizations in the query
function in arangodb-adapter.ts
which allows a remote attacker to inject and execute malicious javascript script in to the system. .