The host is installed with Atlassian Jira Server before 8.5.4 or 8.6.0 before 8.6.1 and is prone to a denial of service. A flaw is present in the application which fails to properly handle issues in Gadget API. Successful exploitation could allow remote attackers to make Jira unresponsive via repeated requests to a certain endpoint in the Gadget API.