I think it would be wise to add a nice long message about *not* reporting security issues through JIRA on our issue tracker summary page and advise them to email security@. And if there is a way to put this text in the Create New Issue page, that's good too.
- Adding security how-to message to Jira Paul Benedict
- Re: Adding security how-to message to Jira Lukasz Lenart
- Re: Adding security how-to message to Jira Maurizio Cucchiara
