Description
In dotCMS 5.x-22.06, it is possible to call the TempResource multiple times, each time requesting the dotCMS server to download a large file. If done repeatedly, this will result in Tomcat request-thread exhaustion and ultimately a denial of any other requests.
Remediation
References
Related Vulnerabilities
Joomla! Core Security Bypass (2.5.0 - 3.9.16)
CakePHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3712)
JBoss Application Server Improper Privilege Management Vulnerability (CVE-2012-2312)
WordPress Plugin SEO Redirection-301 Redirect Manager SQL Injection (8.1)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5272)