According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 8.5.14, 8.6.x < 8.13.6 or 8.14.x < 8.16.1. It is, therefore, affected by a path traversal vulnerability in the /WEB-INF/web.xml endpoint allowing remote attackers to read particular files.
Note that the scanner has not tested for these issues but has instead relied only on the applicationβs self-reported version number.
No source data