The instance has been found vulnerable to CVE-2021-26086. And this allows remote attackers to read particular files via a path traversal vulnerability in the /WEB-INF/web.xml endpoint. More info here: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26086
The affected versions are before version 8.5.14, from version 8.6.0 before 8.13.6, and from version 8.14.0 before 8.16.1.
To fix this, you should update to the most recent version.
Found pom.properties through CVE-2021-26086:
#Generated by Maven
#Thu Jan 14 13:36:09 UTC 2021
version=8.13.3
groupId=com.atlassian.jira
artifactId=jira-webapp-dist
Found pom.properties through CVE-2021-26086:
#Generated by Maven
#Thu Jan 14 13:36:09 UTC 2021
version=8.13.3
groupId=com.atlassian.jira
artifactId=jira-webapp-dist
Found pom.properties through CVE-2021-26086:
#Generated by Maven
#Thu Jan 14 13:36:09 UTC 2021
version=8.13.3
groupId=com.atlassian.jira
artifactId=jira-webapp-dist
bip! I'm a LeakIX probe. This issue looks like it has been resolved!