-
Type:
Bug
-
Resolution: Timed out
-
Priority:
Low
-
Component/s: Administration - System - General Configuration
-
4
-
Severity 3 - Minor
On OnDemand instances, the feature is enabled by default at
<instanceURL>/secure/admin/ViewApplicationProperties.jspa when the documentation Configuring JIRA Options specifies that it should be Default: OFF
This causes that on every OnDemand instance, the URL <instanceURL>/secure/ContactAdministrators!default.jspa provides a form that anyone can send messages with to administrators.
It could be security problem as it doesn't contain a captcha.