I've created a page with restricted access.
When someone requests permissions to this page, I revieve an email with a preview of this page.
The page has restricted access for a reason — it contains sensitive data. It's highliy undesirable to leak that data into email account.
I consider this a security issue.
No, that is not fine, because the data is already shared with third party. Without my explicit permission, as far as I can see. The trust issue is not the only one, it's also about expectations. I may intentionally use that mailbox for insensitive data only so I could read it in public places.
Hi Roman, first of all thanks for the feedback mate.
Would you mind creating a feature request ticket so we can have others voting on and discussing this issue? https://jira.atlassian.com/secure/CreateIssue!default.jspa
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG