Vulnerabilities > Atlassian > Jira > 7.13.17
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-09-11 | CVE-2019-8449 | Missing Authentication for Critical Function vulnerability in Atlassian Jira The /rest/api/latest/groupuserpicker resource in Jira before version 8.4.0 allows remote attackers to enumerate usernames via an information disclosure vulnerability. | 5.0 |