Information disclosure through directory listing at http://dockerhost01.maximum.nl:8080

Disclosed: 2019-07-10 15:25:43 By lewerkun To radancy
Unknown
Vulnerability Details
Hello!

Description: Information disclosure through enabled directory listing.

Links as PoC:
http://dockerhost01.maximum.nl:8080
http://dockerhost01.maximum.nl:8080/logs/
(See pics 1, 2, 3.)

An unauthenticated user can get some juicy info about internal infrastructure, Docker containers, logs, tokens, etc.

There are also some design issues with the API. A user can request infrastructure information without any authentication.

Links as PoC:
http://dockerhost01.maximum.nl:8080/api/v1/nodes

For obvious reasons, I cannot check whether this service is in scope; that's why I haven't searched for any critical information and haven't checked tokens and other stuff.

Please let me know if you need some extra information. Sorry for the out-of-scope report, I thought it could be informative for you! Thanks in advance!
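As an added triage example (not part of the report and not the program's or the reporter's code), the script below shows how the two findings above can be confirmed from HTTP responses without eyeballing screenshots: it recognises an auto-generated directory index and pulls out the listed names, flags names worth a closer look, and checks whether an unauthenticated call to /api/v1/nodes answered with a node list. The /api/v1/nodes path and the "NodeList" document shape are an assumption that the service is a Kubernetes-style API server, as the path suggests; the responses are constructed samples, not data captured from the host in the report, so the script runs offline.

```python
"""Offline triage of the two findings in the report: an HTTP directory
listing and an API endpoint that answers without credentials.
All responses below are constructed sample data, not captured traffic."""
import json
import re
from html.parser import HTMLParser

# Markers emitted by common auto-index implementations.
LISTING_MARKERS = (
    re.compile(r"<title>\s*Index of\s", re.I),    # Apache mod_autoindex, nginx autoindex
    re.compile(r"<h1>\s*Index of\s", re.I),
    re.compile(r"Directory listing for", re.I),   # Python http.server
)

# Names that usually deserve a second look in an exposed listing.
INTERESTING_NAME = re.compile(r"(token|secret|\.env|\.pem|\.key|\.log|kubeconfig|id_rsa)", re.I)


class _LinkCollector(HTMLParser):
    """Collects href values of <a> tags; auto-index pages link every entry."""

    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            for name, value in attrs:
                if name == "href" and value:
                    self.hrefs.append(value)


def directory_listing_entries(body: str):
    """Return the entries of an auto-generated directory index, or None if
    the body does not look like one (a normal page with links is not a listing)."""
    if not any(m.search(body) for m in LISTING_MARKERS):
        return None
    parser = _LinkCollector()
    parser.feed(body)
    # Drop column-sort links (?C=N;O=D) and the parent-directory link.
    return [h for h in parser.hrefs if not h.startswith("?") and h not in ("../", "/")]


def interesting_entries(entries):
    """Subset of listing entries whose names suggest logs or credentials."""
    return [e for e in entries if INTERESTING_NAME.search(e)]


def unauthenticated_node_list(status: int, body: str):
    """Return node names if an unauthenticated GET /api/v1/nodes returned a
    NodeList (assumption: Kubernetes API schema). A 401/403 means auth is
    enforced; anything else is not this finding, so None is returned."""
    if status != 200:
        return None
    try:
        doc = json.loads(body)
    except ValueError:
        return None
    if not isinstance(doc, dict) or doc.get("kind") != "NodeList":
        return None
    return [item.get("metadata", {}).get("name", "?") for item in doc.get("items", [])]


# Constructed sample responses (hypothetical file and node names).
SAMPLE_INDEX = """<html><head><title>Index of /logs</title></head><body>
<h1>Index of /logs</h1><pre><a href="?C=N;O=D">Name</a>
<a href="../">Parent Directory</a>
<a href="app-2019-07-10.log">app-2019-07-10.log</a>
<a href="deploy-token.txt">deploy-token.txt</a>
<a href="README">README</a>
</pre></body></html>"""

SAMPLE_NODES = json.dumps({
    "kind": "NodeList", "apiVersion": "v1",
    "items": [{"metadata": {"name": "dockerhost01"}},
              {"metadata": {"name": "dockerhost02"}}],
})


def triage():
    """Run both checks over the samples; returns (finding, items, interesting) tuples."""
    findings = []
    entries = directory_listing_entries(SAMPLE_INDEX)
    if entries is not None:
        findings.append(("directory-listing", entries, interesting_entries(entries)))
    nodes = unauthenticated_node_list(200, SAMPLE_NODES)
    if nodes is not None:
        findings.append(("unauthenticated-api", nodes, []))
    return findings


if __name__ == "__main__":
    for kind, items, hot in triage():
        print(f"{kind}: {len(items)} item(s); worth a closer look: {hot}")
```

Against a live target the same two functions would be fed the status and body of a plain GET with no Authorization header; a 401 or 403 from /api/v1/nodes is the expected, healthy answer, and a directory index is a misconfiguration regardless of what it lists.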
Report Stats
  • Report ID: 150905
  • State: Closed
  • Substate: resolved
  • Upvotes: 34