Skip to content

Latest commit

 

History

History
26 lines (23 loc) · 787 Bytes

README.md

File metadata and controls

26 lines (23 loc) · 787 Bytes

CVE-2019-8449

CVE-2019-8449 Exploit for Jira Releases Below v8.3.4

CVSS Score: 5.0
Vulnerability Type(s): Information Disclosure
Authentication: Not Required
Affected Versions: 2.1 - 8.3.4
Publish Date: 2019-09-11
Exploit-DB: https://www.exploit-db.com/exploits/47990

Description

The /rest/api/latest/groupuserpicker resource in Jira before version 8.4.0 allows remote attackers to enumerate usernames via an information disclosure vulnerability.

Usage

python CVE-2019-8449.py

Links