Uploaded image for project: 'Jira Cloud'
  1. Jira Cloud
  2. JRACLOUD-39682

"Assignee" and "reporter" pickers in issue search expose user data

    XMLWordPrintable

Details

    • Support Request
    • Resolution: Answered
    • Low
    • None
    • 6.1
    • None

    Description

      We're an agency with multiple clients on JIRA. Similar to JRA-7889, when any of our users search for issues and use the "assignee" or "reporter" dropdowns, they can see all other users of the systems which is effectively a full list of our clients.

      This is a major security problem for us, as it exposes our whole client list, with their emails, to every user.

      We need a way to select that people only see certain other people (their coworkers, and us).

      Attachments

        Issue Links

          is related to

          Support Request - Issue that is likely specific to the installation JRASERVER-39682 "Assignee" and "reporter" pickers in issue search expose user data

          • Low - Low priority issues
          • Closed
          relates to

          Suggestion - JRACLOUD-7776 When adding watchers, the user-picker dialog should only show users who have access to the project.

          • Closed

          Activity

            People

              Unassigned Unassigned
              a1dab47db157 Matthew Weinberg
              Votes:
              1 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: