pomelo is vulnerable to prototype pollution. A malicious user-input can corrupt arbitrary methods and attributes in template/game-server/app/servers/connector/handler/entryHandler.js
due to overwriting of certain internal attributes via a conflicting name. This could allow an attacker to execute arbitrary code by adding additional attributes to user-input.