Atlassian Jira Missing Authorization Vulnerability - CVE-2019-8445
Several worklog rest resources in Jira before version 7.13.7 and from version 8.0.0 before version 8.3.2 allow remote attackers to view worklog time information via a missing permissions check.