Hello,
There is a known security vulnerability in the Blueimp jQuery File Upload library for versions released prior to Oct 13, 2018 (v9.22.1).
It seems like the brXM image upload tool uses some part of this library (see screenshot), but it is difficult to tell what version and/or its exact usage so as to establish whether the vulnerability is relevant to usage of the CMS. I have made an attempt to find documentation or other info, to no avail.
Is there anyone that can confirm how Blueimp is used by brXM?
