CVE-2019-16907
CVE-2019-16907 affects Infosysta In-App & Desktop Notification for Jira (version 1.6.13_J8). The vulnerability enables an unauthenticated/user-discovery disclosure: an attacker can obtain a list of valid Jira usernames through the URL plugins/servlet/nfj/UserFilter?searchQuery=@ without authoriza...