jQuery-File-Upload 9.22.0 Arbitrary File Upload

Summary

JQuery is a fast, concise JavaScript framework, and another excellent JavaScript code base (or JavaScript framework) after Prototype.

jQuery-File-Upload versions 9.22.0 and below suffer from an unauthenticated arbitrary file upload vulnerability that allows for remote command execution.

Solution

At present, the vendor has released the patches to repair loopholes, patch for a link: https://github.com/blueimp/jQuery-File-Upload/releases