Improper Handling of URL Encoding (Hex Encoding)
serve node module suffers from Improper Handling of URL Encoding by permitting access to ignored files if a filename is URL encoded. This vulnerability affects versions prior to 6.5.2.
CWE-177 - Improper Handling of URL Encoding (Hex Encoding)
The software does not properly handle when all or part of an input has been URL encoded.