Activity shows issues and text of issues which should not
If as user only allowed to see your issues (Issues assigned or created by user) and you click on a different member of the project from the Project overview side.
- You will see all the tickets assigned to that user and some of the content of the tickets as well.
- If you click on a ticket from the activity you will get 403 Forbidden.
This may be applicable on other kind of activities.