jQuery-File-Upload 9.22.0 Arbitrary File Upload


JQuery is a fast, concise JavaScript framework, and another excellent JavaScript code base (or JavaScript framework) after Prototype.

jQuery-File-Upload versions 9.22.0 and below suffer from an unauthenticated arbitrary file upload vulnerability that allows for remote command execution.


At present, the vendor has released the patches to repair loopholes, patch for a link: https://github.com/blueimp/jQuery-File-Upload/releases