CVE-2015-5603
N/A
N/A
Summary
The HipChat for JIRA plugin before 6.30.0 for Atlassian JIRA allows remote authenticated users to execute arbitrary Java code via unspecified vectors, related to "Velocity Template Injection Vulnerability."
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://confluence.atlassian.com/jira/jira-and-hipchat-for-jira-plugin-security-advisory-2015-08-26-776650785.html
- https://www.exploit-db.com/exploits/38905/
- http://packetstormsecurity.com/files/133401/Jira-HipChat-For-Jira-Java-Code-Execution.html
- http://www.rapid7.com/db/modules/exploit/multi/http/jira_hipchat_template
- http://www.securityfocus.com/archive/1/536374/100/0/threaded
- https://www.exploit-db.com/exploits/38551/
References
- https://confluence.atlassian.com/jira/jira-and-hipchat-for-jira-plugin-security-advisory-2015-08-26-776650785.html
- https://www.exploit-db.com/exploits/38905/
- http://packetstormsecurity.com/files/133401/Jira-HipChat-For-Jira-Java-Code-Execution.html
- http://www.rapid7.com/db/modules/exploit/multi/http/jira_hipchat_template
- http://www.securityfocus.com/archive/1/536374/100/0/threaded
- https://www.exploit-db.com/exploits/38551/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.