Given that this vulnerability is still in triage, I will give a vague overview of the bug chain. Whilst working on my automation, I was investigating various interesting subdomains that it had found.
I consider myself, in my infinite laziness, to be primarily an information disclosure-oriented hunter. This is, of course, subject to change, but due to work commitments and whatnot, this is what I am
While doing my own research recently, I discovered exposed Jira dashboards for several companies. While there is no guarantee that those companies own those dashboards, it is a reasonably safe assumption to make.