Description
An information disclosure vulnerability in Jira allows an unauthenticated user to enumerate users via /ViewUserHover.jspa endpoint.
Remediation
Upgrade to the latest version of Jira
References
Related Vulnerabilities
Joomla! Core Information Disclosure (1.5.0 - 3.8.1)
PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-7486)
Unprotected phpMyAdmin interface
WordPress Plugin Duplicate Page Multiple Vulnerabilities (2.3)
WordPress Plugin Simple History Information Disclosure (1.0.7)