diff --git a/content/security/reporting.adoc b/content/security/reporting.adoc
index 826c908937f5..0e1cd8e04a1e 100644
--- a/content/security/reporting.adoc
+++ b/content/security/reporting.adoc
@@ -82,7 +82,7 @@ The following behaviors/issues are not vulnerabilities in Jenkins project infras
 * Issues in issues.jenkins.io are publicly accessible, and anyone can sign up to become an authenticated user.
   This is deliberate, the Jenkins project hosts link:/participate/report-issue/[a public issue tracker].
   Only issues in the SECURITY project are sensitive, and they require specific permissions to access.
-  - File attachments of public issues are also publicly accessible (URLs starting with `+https://issues.jenkinsio/secure/attachment/+`).
+  - File attachments of public issues are also publicly accessible (URLs starting with `+https://issues.jenkins.io/secure/attachment/+`).
     This is deliberate as well.
   - Some PoCs for vulnerabilities in Jira may appear successful if it is configured to be accessible anonymously.
     Please do not report issues whose fixes we already have applied, check the version reported on the UI first.