Headline
CVE-2021-23562: Arbitrary File Upload in org.webjars.bowergithub.moxiecode:plupload | Snyk
This affects the package plupload before 2.3.9. A file name containing JavaScript code could be uploaded and run. An attacker would need to trick a user to upload this kind of file.
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications