Description
In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload.
Remediation
References
Related Vulnerabilities
WordPress Plugin Ad Manager by WD-Advanced Ad Manager Multiple Vulnerabilities (1.0.11)
WordPress Plugin Ajax Store Locator Directory Traversal (1.2.0)
Jetty Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-2080)
Jenkins Improper Authentication Vulnerability (CVE-2017-1000354)
Chamilo Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2026-32930)