This Metasploit module exploits an information disclosure vulnerability that allows an unauthenticated user to enumerate users in the /ViewUserHover.jspa endpoint. This only affects Jira versions < 7.13.16, 8.0.0 ≤ version < 8.5.7, 8.6.0 ≤ version < 8.11.1 Discovered by Mikhail Klyuchnikov @__mn1__ This Metasploit module has been tested on versions 8.4.1, 8.5.6, 8.10.1, 8.11.0.
9986ec180d087e713848f6f47f32573f8332f188e2e0668566a302808f278b36Atlassian JIRA version 8.11.1 suffers from a user enumeration vulnerability.
6584245530e79f39f2415efeba748683f667c83104fcd83cfe44d6c6ab433980
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed