Keys of objects in mysql node module v2.0.0-alpha7 and previous versions are not escaped with `mysql.escape()` which could lead to SQL Injection.
mysqljs mysql
mysqljs mysql 2.0.0