Security Advisory
CVE-2019-8449
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
The /rest/api/latest/groupuserpicker resource in Jira before version 8.4.0 allows remote attackers to enumerate usernames via an information disclosure vulnerability.