Node.js was vulnerable to a novel HTTP request smuggling technique

Head-scratcher: "A server-side technology that allows JavaScript to be executed out of the browser, Node.js is an increasingly popular way of developing and hosting web apps."