What the vulnerability does
01Description
The ManageFilters.jspa resource in Jira before version 7.13.3 and from version 8.0.0 before version 8.1.1 allows remote attackers to enumerate usernames via an incorrect authorisation check.
CVSS base score
—
Key dates
02Disclosure timeline
May 22, 2019
CVE published
September 17, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2024-13253 Advanced PWA - Critical - Access bypass - SA-CONTRIB-2024-017
CVE-2020-26223 Authorization bypass in Spree
CVE-2026-25127 OpenEMR has Broken Access Control on Care Coordination Module
CVE-2026-30229 Parse Server: Endpoint `/loginAs` allows `readOnlyMasterKey` to gain full read and write access as any user
CVE-2025-43565 ColdFusion | Incorrect Authorization (CWE-863)
