CVE-2021-26086

Atlassian Jira Server and Data Center contain a path traversal vulnerability that allows a remote attacker to read particular files in the /WEB-INF/web.xml endpoint. Vendor/Product: Atlassian Jira Server and Data Center. Added to CISA KEV 2024-11-12; required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.