Drupal sites vulnerable to double-extension attacks

The 90s called. They want their vulnerability back.

You can read the full article here.