Full title: Atlassian Jira Authenticated Upload Code Execution Exploit 
Category: remote exploits
Platform: java
This Metasploit module can be used to execute a payload on Atlassian Jira via the Universal Plugin Manager(UPM). The module requires valid login credentials to an account that has access to the plugin manager. The payload is uploaded as a JAR archive containing a servlet using a POST request against the UPM component. The check command will test the validity of user supplied credentials and test for access to the plugin manager.

# 0day.today @ http://0day.today/