Vulnerabilities > Atlassian > Jira > 7.13.17

DATE CVE VULNERABILITY TITLE RISK
2019-09-11 CVE-2019-8449 Missing Authentication for Critical Function vulnerability in Atlassian Jira
The /rest/api/latest/groupuserpicker resource in Jira before version 8.4.0 allows remote attackers to enumerate usernames via an information disclosure vulnerability.
network
low complexity
atlassian CWE-306
5.0
5.0