Description

The Gadget API in Atlassian Jira Server and Data Center in affected versions allows remote attackers to make Jira unresponsive via repeated requests to a certain endpoint in the Gadget API. The affected versions are before version 8.5.4, and from version 8.6.0 before 8.6.1.

Remediation

References

CVE-2019-20899

Related Vulnerabilities

Joomla! Core 3.x.x Security Bypass (3.2.0 - 3.9.4)

WordPress Plugin Paid Business Listings Blind SQL Injection (1.0.2)

WordPress Plugin Stetic Cross-Site Request Forgery (1.0.6)

WordPress Plugin BuddyPress Cross-Site Scripting (2.2.2.1)

MySQL Numeric Errors Vulnerability (CVE-2007-2583)

Severity

Medium

Classification

CVE-2019-20899

Tags

Missing Update Known Vulnerabilities