Bleeping Computer

jQuery File Upload Plugin Vulnerable for 8 Years and Only Hackers Knew

jQuery File Upload has been vulnerable for eight years, since the Apache 2.3.9 release in 2010. The coding faux pas did not go unnoticed all this time, and the method for exploiting it has been shared ...
ZDNet

Une Zero-day dans un plugin jQuery très populaire exploitée depuis au moins trois ans

La vulnérabilité a un impact sur le plugin jQuery File Upload, écrit par le développeur allemand Sebastian Tschan, plus communément connu sous le nom de Blueimp. Ce plugin est le deuxième projet Linux ...
ZDNet

Zero-day in popular jQuery plugin actively exploited for at least three years

Roku TV vs Fire Stick Galaxy Buds 3 Pro vs Apple AirPods Pro 3 M5 MacBook Pro vs M4 MacBook Air Linux Mint vs Zorin OS 4 quick steps to make your Android phone run like new again How much RAM does ...
GitHub

Plugin extensions

The recommended way to extend the jQuery File Upload plugin is by using the extension mechanism of the jQuery UI Widget Factory. This allows to override default Options (including callback methods) as ...
Threat Post

Thousands of Applications Vulnerable to RCE via jQuery File Upload

The flaw has existed for eight years thanks to a security change in Apache. A widely used plugin by Blueimp called jQuery File Upload contains a years-old vulnerability that potentially places 7,800 ...