9 matches found
Atlassian HipChat for Jira Plugin Velocity Template Injection
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'json' class Metasploit3 "Atlassian HipChat for Jira Plugin Velocity Template Injection", 'Description' = %q Atlassian Hipchat is a web service...
CVE-2015-5603
creationtimestamp| type| source ---|---|--- 2015-10-28 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/38551 2015-12-08 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/38905 2018-05-29 15:50:33+00:00| seen|...
JIRA and HipChat for JIRA Plugin Velocity Template Injection Vulnerability
Exploit for java platform in category web applications JIRA and HipChat for JIRA plugin Velocity Template Injection Vulnerability Date: 2015-08-26 CVE ID: CVE-2015-5603 Vendor Link: https://confluence.atlassian.com/jira/jira-and-hipchat-for-jira-plugin-security-advisory-2015-08-26-776650785.html...
JIRA and HipChat for JIRA Plugin - Velocity Template Injection
JIRA and HipChat for JIRA plugin Velocity Template Injection Vulnerability Date: 2015-08-26 CVE ID: CVE-2015-5603 Vendor Link: https://confluence.atlassian.com/jira/jira-and-hipchat-for-jira-plugin-security-advisory-2015-08-26-776650785.html Product: JIRA and the HipChat for JIRA plugin. Affected...
CVE-2015-5603: JIRA and the HipChat For JIRA plugin - Velocity Template Injection
Note: the current version of this advisory can be found at https://confluence.atlassian.com/x/IcBKLg . CVE ID: CVE-2015-5603 Product: JIRA and the HipChat for JIRA plugin. Affected HipChat For JIRA plugin versions: 1.3.2 = version 6.30.0 Affected JIRA product versions: 6.3.5 = version 6.4.11...
CVE-2015-5603
The HipChat for JIRA plugin before 6.30.0 for Atlassian JIRA allows remote authenticated users to execute arbitrary Java code via unspecified vectors, related to "Velocity Template Injection Vulnerability."...
CVE-2015-5603
The CVE-2015-5603 issue affects Atlassian Jira when used with the HipChat for Jira plugin (versions prior to 6.30.0). An authenticated Jira user can trigger a Velocity Template Injection in the plugin, enabling arbitrary Java code execution. Exploitation targets the plugin’s template handling and...
CVE-2015-5603: HipChat for JIRA plugin - Velocity Template Injection
We internally discovered that the HipChat For JIRA plugin had a resource that combined user input into a velocity template source and subsequently rendered it. Authenticated attackers can use this vulnerability to execute Java code of their choice on systems that have a vulnerable version of the...
CVE-2015-5603: HipChat for JIRA plugin - Velocity Template Injection
We internally discovered that the HipChat For JIRA plugin had a resource that combined user input into a velocity template source and subsequently rendered it. Authenticated attackers can use this vulnerability to execute Java code of their choice on systems that have a vulnerable version of the...