Description
The /rest/api/latest/groupuserpicker resource in Jira before version 8.4.0 allows remote attackers to enumerate usernames via an information disclosure vulnerability.
Remediation
References
Related Vulnerabilities
WordPress Plugin CF7 Invisible reCAPTCHA Cross-Site Scripting (1.3.1)
WordPress Plugin Tutor LMS-eLearning and online course solution Multiple Vulnerabilities (1.7.6)
WordPress Plugin Tutor LMS-eLearning and online course solution Security Bypass (2.6.1)
phpMyAdmin Improper Input Validation Vulnerability (CVE-2016-9859)
WordPress Plugin Import all XML, CSV & TXT into WordPress Cross-Site Scripting (6.4.2)