jQuery-File-Upload 9.22.0 Arbitrary File Upload
- Date Published:2018-10-11
- Last Updated:2018-10-11
- Version Affected: jQuery-File-Upload <9.22.0
jQuery-File-Upload versions 9.22.0 and below suffer from an unauthenticated arbitrary file upload vulnerability that allows for remote command execution.
At present, the vendor has released the patches to repair loopholes, patch for a link: https://github.com/blueimp/jQuery-File-Upload/releases