Confluence Data Center: CONFSERVER-38883

Ability to view members of Confluence Groups without logging in

Details

    Description

      Navigate to the following link without logging in to Confluence: https://confluence.atlassian.com/users/userpicker.action

      You can search the users and memberships that are part of the tool. Moreover, in the membership tab, just enter confluence-administrators and you will then be able to see the list of them. Just entering confluence shows all groups starting with Confluence.

      You may not want to display the names of the groups without logging in. Disabling this feature completely for non-logged-in users would make more sense.

      This was identified as one of the security issues in internal security testing, where a tool's information and membership is visible without logging in.


          People

            owessels oli
            598edc64f24c Pranjal Shukla