Apollo Federation vulnerable to prototype pollution via incomplete key sanitization