Description
The Gadget API in Atlassian Jira Server and Data Center in affected versions allows remote attackers to make Jira unresponsive via repeated requests to a certain endpoint in the Gadget API. The affected versions are before version 8.5.4, and from version 8.6.0 before 8.6.1.
Remediation
References
Related Vulnerabilities
MyBB Insertion of Sensitive Information into Log File Vulnerability (CVE-2015-8977)
WordPress Plugin Amazon Product in a Post SQL Injection (3.5.2)
Jboss EAP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2023-1108)
WordPress Plugin HTML5 jQuery Audio Player Multiple Cross-Site Scripting Vulnerabilities (2.3)
WordPress Plugin Users Ultra Membership Cross-Site Scripting (1.5.78)