CVE-2018-9206

Pierluigi Paganini October 20, 2018
Thousands of applications affected by a zero-day issue in jQuery File Upload plugin

A security researcher discovered a zero-day vulnerability, tracked as CVE-2018-9206, that affects older versions of the jQuery File Upload plugin since 2010. Attackers can exploit the vulnerability to carry out several malicious activities, including defacement, exfiltration, and malware infection. The flaw was reported by the Akamai researcher Larry Cashdollar, he explained that many other packages that include […]