CVE-2019-3403

The /rest/api/2/user/picker rest resource in Jira before version 7.13.3, from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers to enumerate usernames via an incorrect authorisation check.
Source: NIST
CVE-2019-3403

Leave a Reply

Your email address will not be published.