Atlassian Jira Missing Authentication for Critical Function Vulnerability - CVE-2019-8449 - Vulnerability Database

Atlassian Jira Missing Authentication for Critical Function Vulnerability - CVE-2019-8449

Medium
Reference: CVE-2019-8449
Title: Atlassian Jira Missing Authentication for Critical Function Vulnerability
Overview:

The /rest/api/latest/groupuserpicker resource in Jira before version 8.4.0 allows remote attackers to enumerate usernames via an information disclosure vulnerability.