Just to make it clear - this affects a whole lot of systems and is based on a flaw in the design of hash-tables:
Basically you can pre-calculate a huge set of POST parameter names which will all be hashed to the same value. Since these are stored in a hash-map by most web-frameworks - this will lead to a o(n) lookup time instead of a o(1) lookup time, when testing the hash-map for a given parameter name.
This will max out your cpu quite quickly depending on how many lookups you perform per request.
Since the attack has "script kiddie" difficulty, this needs to be patched ASAP by all vendors