I'm working at a small company providing a web-based solution. Today I found that we are using the TimThumb script for image resizing at version 2.8.14.
Upon doing some research, I found that this was once a well-exploited script that allowed remote code execution by bad-faith actors, and this left me very worried.
Most sources seem to give conflicting information, and so I wanted to ask here: is there still a way to exploit this script on its current version? Should I then suggest that we use an alternative?
I am still a novice at this, so any advice is appreciated. Thank you.