Sensitive data exposure via https://███/secure/QueryComponent!Default.jspa - CVE-2020-14179
Severity: Medium
## Vulnerability Details
## Summary
Information disclosure vulnerability in an outdated Jira instance.
## Description
Affected versions of Atlassian Jira Server and Data Center allow remote, unauthenticated attackers to view custom field names and custom SLA names via an Information Disclosure vulnerability in the /secure/QueryComponent!Default.jspa endpoint.
## Step-by-step Reproduction Instructions
Open https://████████/secure/QueryComponent!Default.jspa in any web browser, without logging in, to view the exposed information.
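A defender-side check for this class of exposure, added here as an example and not part of the original report: it scans access-log lines for successful, unauthenticated requests to the endpoint named above and counts them per source address. The log layout (client IP, remote user or "-", timestamp, request line, status, bytes) and the sample lines are constructed for the example; a real instance's access-log pattern must be matched to whatever its server is configured to write.

```python
import re
from collections import Counter

# Constructed sample log lines in an assumed Tomcat-style access-log layout:
#   <ip> <remote-user or -> [<timestamp>] "<method> <path> <proto>" <status> <bytes>
# These are not from a real instance.
SAMPLE_LOG = """\
203.0.113.5 - [12/Sep/2020:10:01:22 +0000] "GET /secure/QueryComponent!Default.jspa HTTP/1.1" 200 4812
198.51.100.7 alice [12/Sep/2020:10:01:30 +0000] "GET /secure/QueryComponent!Default.jspa HTTP/1.1" 200 4812
203.0.113.5 - [12/Sep/2020:10:02:01 +0000] "GET /secure/QueryComponent!Default.jspa?foo=1 HTTP/1.1" 200 4812
192.0.2.9 - [12/Sep/2020:10:03:15 +0000] "GET /secure/Dashboard.jspa HTTP/1.1" 302 0
203.0.113.5 - [12/Sep/2020:10:04:40 +0000] "GET /secure/QueryComponent!Default.jspa HTTP/1.1" 200 4812
"""

# Regex for the assumed layout above; adjust to the real access-log pattern.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<bytes>\d+|-)$'
)

# Endpoint from the advisory (path only; query string is stripped before comparing).
TARGET_PATH = "/secure/QueryComponent!Default.jspa"


def parse_line(line):
    """Return the fields of one access-log line as a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def unauthenticated_hits(log_text):
    """Count successful (200) requests to the endpoint made without an authenticated user, per client IP."""
    counts = Counter()
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        path = rec["path"].split("?", 1)[0]
        if path == TARGET_PATH and rec["user"] == "-" and rec["status"] == "200":
            counts[rec["ip"]] += 1
    return counts


if __name__ == "__main__":
    for ip, n in unauthenticated_hits(SAMPLE_LOG).most_common():
        print(f"{ip}: {n} unauthenticated request(s) to {TARGET_PATH}")
```

On a patched instance the endpoint should not return field or SLA names to anonymous sessions, so on an unpatched one a non-zero count per source is the signal worth reviewing; the authenticated request from `alice` is deliberately excluded because the advisory's issue is the unauthenticated case.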
## Product, Version, and Configuration
Affected versions: all versions before 8.5.8, and versions from 8.6.0 up to but not including 8.11.1.
## Suggested Mitigation/Remediation Actions
Update the affected Jira instance to a version outside the affected ranges above, following the vendor's upgrade instructions.
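The two affected ranges above translate directly into an inventory check. The code below is an added example, not part of the original report: it parses a Jira version string into a comparable tuple and reports whether it falls in either affected range, which is what a vulnerability-management script would do over an asset list. Only the ranges stated in the advisory are encoded; version strings with suffixes beyond `MAJOR.MINOR.PATCH` are rejected rather than guessed.

```python
# Affected ranges from the advisory, as half-open intervals [lo, hi):
#   everything before 8.5.8, and 8.6.0 up to (not including) 8.11.1.
AFFECTED_RANGES = [
    ((0, 0, 0), (8, 5, 8)),
    ((8, 6, 0), (8, 11, 1)),
]


def parse_version(text):
    """Parse 'MAJOR.MINOR' or 'MAJOR.MINOR.PATCH' into a 3-tuple of ints.

    Raises ValueError for anything else (e.g. suffixed builds), so that an
    unparseable version is surfaced instead of silently treated as safe.
    """
    parts = text.strip().split(".")
    if not 2 <= len(parts) <= 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {text!r}")
    nums = tuple(int(p) for p in parts)
    return nums + (0,) * (3 - len(nums))


def is_affected(version):
    """True if the given Jira version lies in one of the advisory's affected ranges."""
    v = parse_version(version)
    return any(lo <= v < hi for lo, hi in AFFECTED_RANGES)


def check_inventory(versions):
    """Map each version string in an inventory to its affected/not-affected verdict."""
    return {ver: is_affected(ver) for ver in versions}


if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    for ver, hit in check_inventory(["7.13.0", "8.5.7", "8.5.8", "8.6.0", "8.11.0", "8.11.1", "8.12.0"]).items():
        print(f"Jira {ver}: {'AFFECTED' if hit else 'not affected'}")
```

Note that 8.5.8 through 8.5.x sit between the two ranges and are therefore reported as not affected, which matches the advisory: the 8.5 branch was fixed at 8.5.8 while the 8.6 line was fixed at 8.11.1.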
## Impact
Unauthenticated attackers can view custom Jira field names and custom SLA names.
## Report Stats
- Report ID: 1050454
- State: Closed
- Substate: resolved
- Upvotes: 3