PT-2023-32991 · Packagist · Pocketmine/Pocketmine-Mp

Published

2023-01-10

·

Updated

2023-01-10

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Name of the Vulnerable Software and Affected Versions

No specific software name is mentioned, but based on the context, it appears to be related to server software, possibly a game server, with affected versions not specified.

Description

The issue arises from a workaround for an old client bug that allowed very large JSON payloads in ModalFormResponsePacket to cause the server to spend significant time processing the packet. Large numbers of these packets could therefore hog CPU time and prevent the server from processing other connections in a timely manner.

Recommendations

For the affected versions, a possible workaround is for plugins to cancel DataPacketReceiveEvent for the ModalFormResponsePacket, decode the data manually, and then call Player->onFormSubmit() directly, bypassing the vulnerable code. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
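The plugin-side workaround described above, written here as an added illustration rather than code from the advisory or from PocketMine-MP itself. It assumes the PocketMine-MP 4.x plugin API (DataPacketReceiveEvent, the formId/formData/cancelReason fields of ModalFormResponsePacket, Player->onFormSubmit()), a hypothetical plugin namespace, and an arbitrary 1 KiB payload limit, since a genuine form response is far smaller than that.

```php
<?php
declare(strict_types=1);

namespace example\formguard; // hypothetical plugin namespace (assumption)

use pocketmine\event\Listener;
use pocketmine\event\server\DataPacketReceiveEvent;
use pocketmine\network\mcpe\protocol\ModalFormResponsePacket;
use pocketmine\plugin\PluginBase;

final class Main extends PluginBase implements Listener{

    /** Upper bound on accepted form JSON; chosen here as an assumption. */
    private const MAX_FORM_DATA_BYTES = 1024;

    protected function onEnable() : void{
        $this->getServer()->getPluginManager()->registerEvents($this, $this);
    }

    public function onDataPacketReceive(DataPacketReceiveEvent $event) : void{
        $packet = $event->getPacket();
        if(!$packet instanceof ModalFormResponsePacket){
            return;
        }
        // Cancel first so the built-in handler never sees the payload,
        // whether or not we end up accepting it below.
        $event->cancel();

        $player = $event->getOrigin()->getPlayer();
        if($player === null){
            return;
        }
        if($packet->cancelReason !== null){
            // Client closed the form without answering: deliver a null response.
            $player->onFormSubmit($packet->formId, null);
            return;
        }
        $raw = $packet->formData;
        if($raw === null || strlen($raw) > self::MAX_FORM_DATA_BYTES){
            // Oversized or missing payload: drop it without decoding at all.
            $this->getLogger()->debug("Dropped oversized form response from " . $player->getName());
            return;
        }
        // One bounded json_decode (small nesting depth), no retry logic.
        $data = json_decode($raw, true, 8);
        if(json_last_error() !== JSON_ERROR_NONE){
            return;
        }
        $player->onFormSubmit($packet->formId, $data);
    }
}
```

The size check runs before any JSON parsing, so the cost of handling a hostile packet is bounded by a string length comparison.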

Exploit

Related Identifiers

GHSA-7M9R-RQ9J-WMMH

Affected Products

Pocketmine/Pocketmine-Mp