Steps to reproduce the issue:
- Create a new project
- Create a security scheme, with only one security level that allows group Anyone to view the issues
- Associate the security scheme to the project created
- Create two issues on the new project:
- The first issue using the Security Level created
- The second issue without using any Security Level (set it to none)
- Edit the permission scheme associated to the project and add Group (anyone) to Browse Projects permission
- Log out of the instance.
- Go to the issue navigator and search for the issues in that project. You will only view the issue that is not using the security level.
- If you try to access the issue that uses the security level directly by the specific URL, you will be able to view it. It is not shown only in the issue navigator (reindex doesn't help either)
- Set the Security Level to none