Atlassian discovered internally that the HipChat for JIRA plugin exposed a resource that concatenated user input into the source of a Velocity template and then rendered it. Because the input is parsed as template code rather than treated as data, an authenticated attacker can use this vulnerability to execute Java code of their choice on systems that have a vulnerable version of the HipChat for JIRA plugin enabled. To exploit this issue an attacker needs network access to the JIRA web interface and a JIRA account to log in with.
- All versions of HipChat For JIRA plugin from 1.3.2 before 6.30.0 are affected by this vulnerability.
- All versions of JIRA from 6.3.5 before 6.4.11 are affected by this vulnerability.
- The HipChat for JIRA plugin can be updated through JIRA's addon manager. JIRA Server 6.4.11 is not vulnerable to this issue.
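The following is an added example, not the HipChat for JIRA plugin's code, illustrating the bug class the advisory describes: a request parameter spliced into a Velocity template's source beside the corrected form that passes the same parameter through the template context. The class and method names, the template text and the `roomName` parameter are illustrative assumptions; only the Velocity API calls are real.

```java
import java.io.StringWriter;
import org.apache.velocity.VelocityContext;
import org.apache.velocity.app.Velocity;

// Added example (not the plugin's code): user input as template source
// versus user input as a context value. Names are illustrative.
public class VelocityInjectionDemo {

    // VULNERABLE: the parameter becomes part of the template *source*, so any
    // Velocity directive or method call inside it is parsed and executed with
    // the privileges of the JVM running JIRA.
    static String renderVulnerable(String roomName) throws Exception {
        String template = "Notifications will be sent to room: " + roomName;
        StringWriter out = new StringWriter();
        Velocity.evaluate(new VelocityContext(), out, "vuln", template);
        return out.toString();
    }

    // FIXED: the template is a constant string; the parameter is only a value
    // placed in the context. Velocity substitutes it as text and never
    // re-parses the value, so directives in it stay inert.
    static String renderSafe(String roomName) throws Exception {
        String template = "Notifications will be sent to room: $roomName";
        VelocityContext ctx = new VelocityContext();
        ctx.put("roomName", roomName);
        StringWriter out = new StringWriter();
        Velocity.evaluate(ctx, out, "safe", template);
        return out.toString();
    }

    public static void main(String[] args) throws Exception {
        Velocity.init();
        // Constructed hostile input: a #set directive followed by a reflective
        // method call. Deliberately harmless, but it shows that the input can
        // invoke methods on Java objects, which is the primitive an attacker
        // builds on to run code of their choice.
        String hostile = "#set($s = \"x\")$s.getClass().getName()";
        System.out.println(renderVulnerable(hostile));
        System.out.println(renderSafe(hostile));
    }
}
```

With the vulnerable path the rendered line ends in the name of the String class, proving that the `#set` directive ran and a Java method was invoked on the result; with the fixed path the same input is echoed back verbatim as the room name. When auditing a plugin, grep for `Velocity.evaluate`, `VelocityEngine.evaluate` and `RuntimeServices.parse` calls whose template argument is built with string concatenation or `String.format` from request data; that pattern is the vulnerability regardless of what the template otherwise contains. Configuring `runtime.introspector.uberspect` to `org.apache.velocity.util.introspection.SecureUberspector` blocks `getClass` and `Class.forName` style introspection and is worth enabling as defence in depth, but it does not replace the fix of keeping user input out of the template source.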
- Drupal Core 8.5.0 Remote Code Execution (8.5.0 - 8.5.0)
- WordPress Plugin Ajax Search Lite Remote Command Execution (3.1)
- WordPress Plugin Best Seo Remote Code Execution (1.5)
- WordPress Plugin is_human() 'type' Parameter Remote Command Injection (1.4.2)
- WordPress Plugin Social Media Tab Remote Code Execution (1.0.9)