Description

The Gadget API in Atlassian Jira Server and Data Center in affected versions allows remote attackers to make Jira unresponsive via repeated requests to a certain endpoint in the Gadget API. The affected versions are before version 8.5.4, and from version 8.6.0 before 8.6.1.

Remediation

References

CVE-2019-20899

Related Vulnerabilities

WordPress Plugin Influencer Marketing & Press Release System Cross-Site Scripting (2.2)

Moodle Improper Access Control Vulnerability (CVE-2016-8643)

WordPress Plugin Contact Form Email Information Disclosure (1.2.66)

WP Plugin Contact Form 7 CVE-2018-20979 Vulnerability (CVE-2018-20979)

XWiki Uncontrolled Resource Consumption Vulnerability (CVE-2024-21651)

Severity

Medium

Classification

CVE-2019-20899

Tags

Missing Update Known Vulnerabilities