Threat Post

Thousands of Applications Vulnerable to RCE via jQuery File Upload

The flaw has existed for eight years thanks to a security change in Apache. A widely used plugin by Blueimp called jQuery File Upload contains a years-old vulnerability that potentially places 7,800 ...
Bleeping Computer

jQuery File Upload Plugin Vulnerable for 8 Years and Only Hackers Knew

Tschan changed the code to allow only image file types GIF, JPG, JPEG, and PNG by default; he provides instructions on how to enable more content without running a security risk. Flaw propagates to ...