diff --git a/network-services-pentesting/pentesting-web/jira.md b/network-services-pentesting/pentesting-web/jira.md index c3582476..70f5d160 100644 --- a/network-services-pentesting/pentesting-web/jira.md +++ b/network-services-pentesting/pentesting-web/jira.md @@ -23,6 +23,15 @@ Inside a Jira instance **any user** (even **non-authenticated**) can **check its If a **non-authenticated** user have any **privilege**, this is a **vulnerability** (bounty?).\ If an **authenticated** user have any **unexpected privilege**, this a a **vuln**. +Update: As of 18th September 2023 - the 'mypermissions' endpoint requires a 'permission' parameter with one of the following parameters +[https://developer.atlassian.com/cloud/jira/platform/change-notice-get-my-permissions-requires-permissions-query-parameter/#change-notice---get-my-permissions-resource-will-require-a-permissions-query-parameter](https://developer.atlassian.com/cloud/jira/platform/change-notice-get-my-permissions-requires-permissions-query-parameter/#change-notice---get-my-permissions-resource-will-require-a-permissions-query-parameter) +- BROWSE_PROJECTS +- CREATE_ISSUES +- ADMINISTER_PROJECTS + +Example: `https://your-domain.atlassian.net/rest/api/2/mypermissions?permissions=BROWSE_PROJECTS,CREATE_ISSUES,ADMINISTER_PROJECTS` + + ```bash #Check non-authenticated privileges curl https://jira.some.example.com/rest/api/2/mypermissions | jq | grep -iB6 '"havePermission": true'
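Review bot: the added sentence names the parameter `permission` and says it takes "one of the following parameters", but the example URL right below it uses `permissions=` (plural) with a comma-separated list of keys, so the text contradicts its own example; suggest rewording to "the `mypermissions` endpoint requires a `permissions` query parameter listing one or more permission keys, such as:" and keeping the three bullets as examples rather than an exhaustive set (the linked change notice is what defines the full list). The existing `curl https://jira.some.example.com/rest/api/2/mypermissions | jq | grep -iB6 '"havePermission": true'` command in the unchanged context after the hunk is not updated, so on an instance affected by this change it will return an error instead of the permission JSON the `grep` expects; apply the same `?permissions=BROWSE_PROJECTS,CREATE_ISSUES,ADMINISTER_PROJECTS` suffix there (quoting the URL so the shell does not interpret it). Since the linked notice lives under the Atlassian Cloud platform docs, the update should also state that the requirement applies to Jira Cloud, so readers testing other deployments know why the unparameterised call may still work. Minor: two consecutive blank `+` lines are added before the code fence; one is enough.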