Hello theendlessweb team,
the Jira instance on jira.theendlessweb.com is vulnerable to CVE-2020-14179 which allows remote, unauthenticated attackers to view custom field names and custom SLA names via an Information Disclosure vulnerability
{F1029731}
Navigate to https://jira.theendlessweb.com/secure/QueryComponent!Default.jspa
https://vulners.com/cve/CVE-2020-14179
##Remediation
Upgrading your jira instance to the most up-to-date one.
##Best Regards,
nagli.
Affected versions of Atlassian Jira Server and Data Center allow remote, unauthenticated attackers to view custom field names and custom SLA names via an Information Disclosure vulnerability in the /secure/QueryComponent!Default.jspa endpoint. The affected versions are before version 8.5.8, and from version 8.6.0 before 8.11.1.