Node.js is vulnerable to HTTP request smuggling. Improper parsing of the path
option of an HTTP request allows for a remote attacker to smuggle an HTTP request using Unicode data within the HTTP request, potentially bypassing existing access controls.