CVE-2019-8446

EPSS 17.5%CWE-863

The /rest/issueNav/1/issueTable resource in Jira before version 8.3.2 allows remote attackers to enumerate usernames via an incorrect authorisation check.

Affected products

Atlassian · Jira

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://jira.atlassian.com/browse/JRASERVER-69777 https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0839