CVE-2019-8449 Exploit for Jira Releases Below v8.3.4 CVSS Score: 5.0 Vulnerability Type(s): Information Disclosure Authentication: Not Required Affected Versions: 2.1 - 8.3.4 Publish Date: 2019-09-11 Exploit-DB: https://www.exploit-db.com/exploits/47990
The /rest/api/latest/groupuserpicker resource in Jira before version 8.4.0 allows remote attackers to enumerate usernames via an information disclosure vulnerability.
python CVE-2019-8449.py