Browsing tag
Cybersecurity specialist reports mention that jQuery, the popular JavaScript library, has been compromised by an unusual prototype pollution vulnerability that could allow threat actors to modify a Javascript object prototype. It is estimated that the impact of this problem could be serious, considering that this library is currently used by more than 70% of the […]
JQShell A weaponized version of CVE-2018-9206 (Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0). Disclaimer Using this agianst servers you dont control, is illegal in most countries. The author claims no responsibility for the actions of those who use this software for illegal purposes. This software is intended for educational use only. No […]
Different ways of exploiting the flaw have been widely spread too Out of the thousands of plugins for the jQuery framework, one of the most popular has hosted for at least three years an oversight in the code that remained hidden for the cybersecurity and digital forensics community, despite the availability of tutorials explaining how it could […]
The official blog of jQuery—most popular JavaScript library used by millions of websites—has been hacked by some unknown hackers, using the pseudonym “str0ng” and “n3tr1x.” jQuery’s blog website (blog.jquery.com) runs on WordPress—the world’s most popular content management system (CMS) used by millions of websites. While there is no evidence yet if the server (code.jquery.com) that […]