CVE-2019-3403

2019-05-22T18:29:00
ID CVE-2019-3403
Type cve
Reporter cve@mitre.org
Modified 2019-10-09T23:49:00

Description

The /rest/api/2/user/picker rest resource in Jira before version 7.13.3, from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers to enumerate usernames via an incorrect authorisation check.