High
Node.js tiny-conf could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution in set function. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Gain Access
NodeJs
Node.js tiny-conf
Refer to POC for the attack vector and the usage of user interaction for the exploitation of the vulnerability.