SQL Injection in resquel
All versions of resquel are vulnerable to SQL Injection. Query parameters are not properly sanitized, allowing attackers to inject SQL statements and execute arbitrary SQL queries No fix is currently available. Consider using an alternative package until a fix is made available.