Jira User Enumeration via Login.jsp Information Disclosure Vulnerability
CVE-2019-8448 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
The login.jsp resource in Jira before version 7.13.4, and from version 8.0.0 before version 8.2.2 allows remote attackers to enumerate usernames via an information disclosure vulnerability.
Learn more about our User Device Pen Test.