Hallo zusammen, sofern nicht selber schon gesehen/-lesen hier [0] FYI "Popular website plugin harboured a serious 0-day for years" "... An unnerving example is a vulnerability that Akamai’s Larry Cashdollar stumbled on earlier this year after encountering the hugely popular file upload plugin, jQuery File Upload, used to add user-friendly file upload capabilities like drag and drop to websites and web content management systems, including WordPress ..." Identifiziert als CVE-2018-9206 Fixed Version 9.22.1 (released 13.10.2018) --> Update jQuery File Upload asap VG Bernd [0] https://nakedsecurity.sophos.com/2018/10/22/popular-website-plugin-harboured... -- Bernd Kohler IT Center Abteilung: Netze RWTH Aachen University Wendlingweg 10 52074 Aachen Tel: +49 241 80-29793 Fax: +49 241 80-22666 kohler@itc.rwth-aachen.de https://www.itc.rwth-aachen.de