Skip to main content

Jquery Upload File

2 CVEs product

Monthly

CVE-2021-37504 npm MEDIUM This Month

A cross-site scripting (XSS) vulnerability in the fileNameStr parameter of jQuery-Upload-File v4.0.11 allows attackers to execute arbitrary web scripts or HTML via a crafted file with a Javascript. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Jquery Upload File
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.9%
CVE-2018-9207 npm CRITICAL POC PATCH Act Now

Arbitrary file upload in jQuery Upload File <= 4.0.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Jquery Upload File
NVD
CVSS 3.0
9.8
EPSS
3.5%
EPSS 1% CVSS 6.1
MEDIUM This Month

A cross-site scripting (XSS) vulnerability in the fileNameStr parameter of jQuery-Upload-File v4.0.11 allows attackers to execute arbitrary web scripts or HTML via a crafted file with a Javascript. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Jquery Upload File
NVD GitHub VulDB
EPSS 3% CVSS 9.8
CRITICAL POC PATCH Act Now

Arbitrary file upload in jQuery Upload File <= 4.0.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Jquery Upload File
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy