Описание
The HipChat for JIRA plugin before 6.30.0 for Atlassian JIRA allows remote authenticated users to execute arbitrary Java code via unspecified vectors, related to "Velocity Template Injection Vulnerability."
The HipChat for JIRA plugin before 6.30.0 for Atlassian JIRA allows remote authenticated users to execute arbitrary Java code via unspecified vectors, related to "Velocity Template Injection Vulnerability."
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2015-5603
- https://confluence.atlassian.com/jira/jira-and-hipchat-for-jira-plugin-security-advisory-2015-08-26-776650785.html
- https://www.exploit-db.com/exploits/38551
- https://www.exploit-db.com/exploits/38905
- http://packetstormsecurity.com/files/133401/Jira-HipChat-For-Jira-Java-Code-Execution.html
- http://www.rapid7.com/db/modules/exploit/multi/http/jira_hipchat_template
- http://www.securityfocus.com/archive/1/536374/100/0/threaded
Связанные уязвимости
nvd
больше 10 лет назад
The HipChat for JIRA plugin before 6.30.0 for Atlassian JIRA allows remote authenticated users to execute arbitrary Java code via unspecified vectors, related to "Velocity Template Injection Vulnerability."