CVE-2019-3403

Published: 2019-05-22T18:29Z

Last Modified: 2024-11-21T04:42Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

The /rest/api/2/user/picker rest resource in Jira before version 7.13.3, from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers to enumerate usernames via an incorrect authorisation check. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt