0.001 Low
EPSS
Percentile
39.3%
query-mysql is vulnerable to sql injections. The library does not properly sanitize user input, allowing a malicious user to inject and execute arbitrary SQL queries.
hackerone.com/reports/311244
nodesecurity.io/advisories/666