Description

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

Remediation

References

CVE-2023-44487

Related Vulnerabilities

WordPress Plugin JobSearch WP Job Board Cross-Site Scripting (1.5.2)

WordPress Plugin PowerPack Pro for Elementor Privilege Escalation (2.10.14)

WordPress Plugin Adavnced Video embed Local File Inclusion (1.0)

Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8902)

WordPress Plugin WP?????? Cross-Site Scripting (1.3.9)

Severity

High

Classification

CVE-2023-44487 CWE-400 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities