Description: Hi,there.I found the sim.starbucks.com host deployed the jira server which version is 7.9.2,there is many public vulnerability on this low version.
Information disclosured vulnerability
visit the URL address,you can check the user whether is exist on this host
So the attacker can enumerate all existing users on this jira server.
visit the URL address,the server will leaking some server's information
updated the jira server's version or fixed
PS:Can starbucks's team check my other report #533836 status?the report is not updated for too long. Thank you.looking forward for your reply. Best regards! @johnstone
Leaking some information about the server