Of the thousands of plugins written for the jQuery framework, one of the most popular harbored, for at least three years, a coding oversight that eluded the security community, even though tutorials explaining how it could be exploited were publicly available.
The bug affects the widely used jQuery File Upload widget and allowed an attacker to upload arbitrary files to a web server, including web shells that let the attacker issue commands to the server.
Bug enabled by security upgrade eight years ago
Larry Cashdollar, a security researcher with Akamai's SIRT (Security Intelligence Response Team), found the flaw while analyzing the widget's code, and was able to upload a web shell and run commands on a test server he had set up.
Source: Bleeping Computer