The API in Atlassian Jira Server and Data Center before version 8.6.0 allows remote attackers to determine if a Jira project key exists or not via an information disclosure vulnerability.Referenceshttps://jira.atlassian.com/browse/JRASERVER-70565
