We shouldn't be using GET request to perform these actions: GET /rest/v2/server?action=stop GET /rest/v2/cluster?action=stop GET /rest/v2/tasks/myTask?action=exec¶m.p1=v1¶m.p2=v2 GET /rest/v2/cache-managers/{cacheManagerName}/x-site/backups/{siteName}?action=cancel-push-state GET /rest/v2/cache-managers/{cacheManagerName}/x-site/backups/{siteName}?action=start-push-state GET /rest/v2/cache-managers/{cacheManagerName}/x-site/backups/{siteName}?action=bring-online GET /rest/v2/cache-managers/{cacheManagerName}/x-site/backups/{siteName}?action=take-offline GET /rest/v2/counters/{counterName}?action=compareAndSet&expect={expect}&update={update} GET /rest/v2/counters/{counterName}?action=compareAndSwap&expect={expect}&update={update} GET /rest/v2/counters/{counterName}?action=decrement GET /rest/v2/counters/{counterName}?action=add&delta={delta} GET /rest/v2/counters/{counterName}?action=increment GET /rest/v2/counters/{counterName}?action=reset GET /v2/caches/{cacheName}/x-site/backups/{siteName}?action=cancel-receive-state https://issues.redhat.com/browse/JDG-3625
Acknowledgments: Name: Diego Lovison (Red Hat)
This issue has been addressed in the following products: Red Hat Data Grid 8.2.0 Via RHSA-2021:2139 https://access.redhat.com/errata/RHSA-2021:2139
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-10771