- Suggestion
- Resolution: Won't Fix
I noticed that on several installs, Confluence by default displays its full version number and sometimes build number to the world.
It is a commonly accepted web security practice to withhold all product details, including version information, except to users on a "need to know" basis. Otherwise, you provide hackers key information they can use to attack your systems.
It is also a commonly accepted web security practice for applications to be secure in their default configuration.
Please have Confluence's default configuration respect best practices and withhold all product details except to product administrators or those authorized by the administrators.
- is related to
  - CONFSERVER-15544 Improved 500page.jsp (Closed)
- relates to
  - CONFSERVER-11554 Alternative 500page.jsp with minimal information (Closed)