CVE-2015-5603

HipChat for JIRA <6.30.0 - Code Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2015-5603. PoCs published by Metasploit, Chris Wood, Chris Wood, sinn3r, including Metasploit module exploits/multi/http/jira_hipchat_template.

AI-analyzed exploit summary This Metasploit module exploits a Velocity template injection vulnerability in Atlassian HipChat for Jira, allowing remote code execution as the Jira user. It supports multiple platforms (Java, Windows, Linux) and includes both active and passive checks for vulnerability verification.

Description

The HipChat for JIRA plugin before 6.30.0 for Atlassian JIRA allows remote authenticated users to execute arbitrary Java code via unspecified vectors, related to "Velocity Template Injection Vulnerability."

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotemultiple
https://www.exploit-db.com/exploits/38905

This Metasploit module exploits a Velocity template injection vulnerability in Atlassian HipChat for Jira, allowing remote code execution as the Jira user. It supports multiple platforms (Java, Windows, Linux) and includes both active and passive checks for vulnerability verification.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Atlassian HipChat for Jira Plugin (1.3.2 to 6.30.0) and Jira (6.3.5 to 6.4.10)
Auth required
Prerequisites: Valid Jira credentials · Target not protected by CAPTCHA
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Chris Wood · pythonwebappsjava
https://www.exploit-db.com/exploits/38551

This exploit leverages a Velocity Template Injection vulnerability in JIRA and the HipChat for JIRA plugin to execute arbitrary commands as the Tomcat user. It sends a malicious payload via a REST API endpoint, requiring an authenticated session.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: JIRA (6.3.5 <= version < 6.4.11) and HipChat for JIRA plugin (1.3.2 <= version < 6.30.0)
Auth required
Prerequisites: Authenticated JIRA session (JSESSIONID cookie) · Network access to the JIRA REST API endpoint
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC EXCELLENT
by Chris Wood, sinn3r · rubypocjava
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/jira_hipchat_template.rb

This Metasploit module exploits a Velocity template injection vulnerability in Atlassian HipChat for Jira, allowing authenticated users to execute arbitrary Java code. It supports multiple payload types (Java, Windows, Linux) and includes both active and passive checks for vulnerability verification.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Atlassian HipChat for Jira Plugin (1.3.2 to 6.30.0) and Jira (6.3.5 to 6.4.10)
Auth required
Prerequisites: Valid Jira credentials · HipChat for Jira plugin installed · Target not protected by CAPTCHA
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6
Core References
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/38905/
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/536374/100/0/threaded
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/38551/

Scores

EPSS 0.5931
EPSS Percentile 99.0%

Details

CWE
CWE-94
Status published
Products (1)
atlassian/hipchat < 6.29.2
Published Sep 21, 2015
Tracked Since Feb 18, 2026