{"uuid": "aefe4a65-d045-4569-948e-64a8915f77e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-14181", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/1983", "content": "#exploit\nCVE-2020-14181:\nAtlassian Jira Server/Data Center (<7.13.6, 8.0.0-8.5.7, 8.6-8.12) allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the \n/ViewUserHover.jspa endpoint (PoC)\nhttps://github.com/chaitin/xray/pull/911/commits\n... is easy exploitable simply by browsing:\nhttps://server/secure/ViewUserHover.jspa?username=username_to_test, eg https://server/secure/ViewUserHover.jspa?username=admin", "creation_timestamp": "2021-11-02T04:29:14.000000Z"}