jquery-file-upload@4.0.5 vulnerabilities
jQuery Upload File plugin provides Multiple file Uploads with progress bar.Works with any server-side platform (Google App Engine, PHP, Python, Ruby on Rails, Java, etc.) that supports standard HTML form file uploads.
-
latest version
4.0.11
-
first published
9 years ago
-
latest version published
6 years ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the jquery-file-upload package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
jquery-file-upload is a jQuery Upload File plugin which provides multiple file pploads with a progress bar. Works with any server-side platform (Google App Engine, PHP, Python, Ruby on Rails, Java, etc.) that supports standard HTML form file uploads. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the How to fix Cross-site Scripting (XSS)? There is no fixed version for |
*
|
jquery-file-upload provides Multiple file Uploads with progress bar. Affected versions of this package contain demo code which is vulnerable to Arbitrary Code Execution due to allowing the upload of arbitrary files. It did not require any validation to upload files to the server. Using the How to fix Arbitrary Code Execution? There is no fix version for |
*
|