engine.io is vulnerable to Denial Of Services (DoS). The vulnerability exists due to the uncaught exception that occurs in the handleUpgrade
function of server.ts
and userver.ts
when providing an invalid query param, which allows an attacker to crash the application through a maliciously crafted request