A popular jQuery upload plugin used .htaccess for security control but the default behaviour in Apache changed 8 years ago (v2.3.9) so attackers have been able to upload payloads using the plugin ever since.
Luckily it’s only the 2nd biggest jQuery repo on GitHub that’s been forked 7,834 times!
[Read More]