chore(package): pin sequelize to a higher version

fixes SQLI vulnerability

Author: Awk34

Diff for: templates/app/_package.json

@@ -40,7 +40,7 @@
     "mongoose": "^4.1.2",
     "bluebird": "^3.3.3",
     "connect-mongo": "^1.2.1",<% } %><% if(filters.sequelize) { %>
-    "sequelize": "^3.5.1",
+    "sequelize": "^3.23.6",
     "sqlite3": "~3.1.1",
     "express-sequelize-session": "0.4.0",<% } %><% if(filters.auth) { %>
     "jsonwebtoken": "^7.0.0",