Due to improper artibute filtering in the sequalize js library, can a attacker peform SQL injections.