We got a security report to firstname.lastname@example.org, that Solr can infinite loop, use 100% CPU and stack overflow, if you execute the following HTTP request:
The qt paramter instructs PingRequestHandler to call the given request handler. This leads to an infinite loop. This is not an security issue, but for an unprotected Solr server with unprotected /solr/select path this makes it stop working.
The fix is to prevent infinite loop by disallowing calling itsself.