CVE-2020-36048

Name of the Vulnerable Software and Affected Versions: Engine.IO versions prior to 4.0.0

Description: The issue allows attackers to cause a denial of service via a POST request to the long polling transport, resulting in resource consumption. This can be achieved by sending a POST request to the "/longpolling" endpoint, although the exact endpoint is not explicitly mentioned in the provided descriptions.

Recommendations: For versions prior to 4.0.0, update to version 4.0.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the long polling transport to minimize the risk of exploitation.