Vulnerability
Description
Jira is a software application used for issue tracking and project management.
An information disclosure vulnerability in Jira before version 8.4.0 allows remote attackers to enumerate usernames via the /rest/api/latest/groupuserpicker resource.
Recommendations
- Update JIRA to the latest version
Written by
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 10 days
