Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
As a part of penetration testing, we crawled JIRA and as you can see in the below screenshot, JIRASESSIONID values are visible/discovered while crawling the JIRA website.
We would like to know why are they accessible? Are they valid?