The /rest/api/latest/groupuserpicker resource in Jira before version 8.4.0 allows remote malicious users to enumerate usernames via an information disclosure vulnerability.
User Enumeration Proof Of Concept Exploit for CVE-2019-8449
CVE-2019-8449
Proof Of Concept Exploit for CVE-2019-8449
Jira < 840
User Enumeration
Detail: wwwcvedetailscom/cve/CVE-2019-8449/
Usage
$ go run CVE-2019-8449go -f USERFILEtxt -p 8080 -u examplecom
One stop place for exploiting Jira instances in your proximity
Jiraffe
Jiraffe - One stop place for exploiting all Jira instances in your proximity
Installation
|
Usage
|
Demo
|
Documentation
Features
Jiraffe is a sem
JIRA"YA is a vulnerability analyzer for JIRA instances. It runs active scans to identify vulnerabilities by interacting with the host and conducting tests.
JIRA"YA - JIRA Yet Another vulnerability Analyzer by @FR13ND0x7f
What is JIRA?
JIRA is a popular p
One stop place for exploiting Jira instances in your proximity
Jiraffe
Jiraffe - One stop place for exploiting all Jira instances in your proximity
Installation
|
Usage
|
Demo
|
Documentation
Features
Jiraffe is a sem