Affected versions of Atlassian Jira Server and Jira Data CenterΒ allow remote attackers to discover the username of users via an enumeration vulnerability in the REST API.
CVE-2021-26081
The affected versions are before version 8.5.14, from version 8.6.0 before 8.13.6, from version 8.14.0 before 8.16.1, from version 8.17.0 before 8.16.2, and from version 8.17.0 before 8.17.0.
Affected versions:
Fixed versions: