The Confluence Login page should not gives details of build version to unauthenticated users

2017-01-13T04:59:00
ID ATLASSIAN:CONFSERVER-45757
Type atlassian
Reporter mkhairuliana
Modified 2018-08-17T06:05:52

Description

The login page discloses detailed version information of the application to unauthenticated users.

!screenshot-1.png|thumbnail!

This information facilitates finding vulnerabilities for possible attackers

suggestion: Remove the build number completely in the login page