Jira is a software application used for issue tracking and project management.
An information disclosure vulnerability in Jira before version 8.4.0 allows remote attackers to enumerate usernames via the /rest/api/latest/groupuserpicker resource.
/rest/api/latest/groupuserpicker