CVE-2020-7699: Prototype Pollution in express-fileupload

Severity: Critical

CVSS Score: 9.8

This affects the package express-fileupload before 1.1.8. If the parseNested option is enabled, sending a corrupt HTTP request can lead to denial of service or arbitrary code execution.