Vulnerability
Description
Atlassian Jira Server and Data Center before version 7.13.6, and from version 8.0.0 before 8.5.7, and from version 8.6.0 before 8.12.0 are vulnerable to Information Disclosure vulnerability. It allows an unauthenticated user to enumerate users in the /ViewUserHover.jspa endpoint.
Recommendations
- Update Jira to the latest version
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 10 days
