H3-2022-0057
jQuery File Upload Widget Exposed
Category | SECURITY_MISCONFIGURATION |
Base Score | 8.1 |
Description
jQuery File Upload is a file upload widget with multiple file selection, drag&drop support, progress bars, validation and preview images, audio and video for jQuery.
Impact
Exposure of this widget could allow for arbitrary file uploads which attackers could leverage to execute remote code.