-
Bug
-
Resolution: Not a bug
-
Medium (View bug fix roadmap)
-
None
-
6.1.6
-
None
-
6.01
-
When you enter the URL of a private JIRA instance on the Quick Search from the login page, you will be directed to the Issue Navigator.
If you click the "Status" drop down button, you the unauthenticated user would be able to see the status codes.
If you click "Find filters" you would be able to see the names of filters, wherein the visibility was set to "All users".
This is really critical for all users, especially those information are confidential and shouldn't be visible to unauthenticated users.
- relates to
-
JRASERVER-22207 Add warning to Shared Filter explaining consequence of 'everyone'
-
- Closed
-
Unauthenticated User can access certain pages on a private JIRA instance
-
Bug
-
Resolution: Not a bug
-
Medium
-
None
-
6.1.6
-
None
-
6.01
-
When you enter the URL of a private JIRA instance on the Quick Search from the login page, you will be directed to the Issue Navigator.
If you click the "Status" drop down button, you the unauthenticated user would be able to see the status codes.
If you click "Find filters" you would be able to see the names of filters, wherein the visibility was set to "All users".
This is really critical for all users, especially those information are confidential and shouldn't be visible to unauthenticated users.
- relates to
-
JRASERVER-22207 Add warning to Shared Filter explaining consequence of 'everyone'
-
- Closed
-