H3-2022-0057¶
jQuery File Upload Widget Exposed
| Category | SECURITY_MISCONFIGURATION |
| Base Score | 8.1 |
Description¶
jQuery File Upload is a file upload widget with multiple file selection, drag&drop support, progress bars, validation and preview images, audio and video for jQuery.
Impact¶
Exposure of this widget could allow for arbitrary file uploads which attackers could leverage to execute remote code.