This indicates an attack attempt to exploit a Remote Code Execution Vulnerability in Atlassian Crowd and Crowd Data Center.
The vulnerability is due to the pdkinstall development plugin incorrectly enabled in release builds. A remote attacker may be able to exploit this to install arbitrary plugins and execute arbitrary code within the context of the application, via a crafted HTTP POST request.
All versions of Crowd from version 2.1.0 before 3.0.5 (the fixed version for 3.0.x), from version 3.1.0 before 3.1.6 (the fixed version for 3.1.x), from version 3.2.0 before 3.2.8 (the fixed version for 3.2.x), from version 3.3.0 before 3.3.5 (the fixed version for 3.3.x), from version 3.4.0 before 3.4.4 (the fixed version for 3.4.x) are affected by this vulnerability.
System Compromise: Remote attackers can gain control of vulnerable systems.
Apply the most recent upgrade or patch from the vendor.