Details
-
Bug
-
Resolution: Unresolved
-
Low
-
None
-
7.3.9, 8.5.2
-
7.03
-
3
-
Severity 3 - Minor
-
0
-
Description
The Jira icalendar plugin exposes search filters that are shared as public when using the REST api /rest/ical/1.0/ical/config/query/options even when you are logged out. Testing steps
- Install any version of Jira 7.x
- Install the icalendar plugin
- Log out of the Jira and test the following endpoint http://localhost:8080/rest/ical/1.0/ical/config/query/options?_=1440617535208.
It is expected that no info is output in the json when the user is logged out