Directory traversal vulnerability in the Issue Collector plugin in Atlassian JIRA before 6.0.4 allows remote attackers to create arbitrary files via unspecified vectors.

References

• https://nvd.nist.gov/vuln/detail/CVE-2014-2314
• https://confluence.atlassian.com/display/JIRA/JIRA+Security+Advisory+2014-02-26
• http://blog.h3xstream.com/2014/02/jira-path-traversal-explained.html
• http://www.exploit-db.com/exploits/32725