The instance has been found vulnerable to CVE-2021-26086. And this allows remote attackers to read particular files via a path traversal vulnerability in the /WEB-INF/web.xml endpoint. More info here: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26086
The affected versions are before version 8.5.14, from version 8.6.0 before 8.13.6, and from version 8.14.0 before 8.16.1.
To fix this, you should update to the most recent version.
Found pom.properties through CVE-2021-26086: #Generated by Maven #Tue Mar 16 13:10:48 UTC 2021 version=8.13.5 groupId=com.atlassian.jira artifactId=jira-webapp-dist
bip! I'm a LeakIX probe. This issue looks like it has been resolved!