Snyk has a published code exploit for this vulnerability.
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsAvoid using exprss
altogether.
exprss is a malicious package.
When installed through a typosquatting attack, the package will extract and upload information to a remote server including name of the downloaded package, name of the intended package, the Node version and whether the process was running as sudo.