Configure an issue security level that makes issues visible only to users of a certain group. Create an issue and set that security level for that issue. Create a sub-task of the issue.
Expected result: Either it is possible to set the security level on the sub-task, or the sub-task has the same security level as the parent issue.
Actual result: There is no field for entering the security level in the sub-task form, and the sub-task has default security level (visible to everyone).
We have leaked some important business information because of this bug.