All servers using express.bodyParser are vulnerable to an attack which creates an unlimited number of temp files on the server, potentially filling up all the disk space, which is likely to cause the server to hang.
http://andrewkelley.me/post/do-not-use-bodyparser-with-express-js.html
Leave a Reply