NoSQL injection
This demo builds off work described here: https://nullsweep.com/a-nosql-injection-primer-with-mongo/ and code found here: https://github.com/Charlie-belmer/vulnerable-node-app
This demo includes modifications to users.routes.js to close vulnerabilities in the /lookup and /login routes with /lookupfixed and /login-fixed.