Exploit described in YouTube videos jQuery File Upload has been vulnerable for eight years, since the Apache 2.3.9 release in 2010.

The vulnerability impacts the jQuery File Upload plugin authored by prodigious German developer Sebastian Tschan, most commonly known as Blueimp.

The larger issue is that jQuery File Upload code forks and variations used in production packages – some 7,800 of them, according to Cashdollar – are also vulnerable to file upload and code ...