Under some circumstances a user with access rights limited according to the field security scheme may be able to access a hidden field value.
This issue affects security features provided by Fields Security Plugin only and does not affect any core Jira features.
This vulnerability is rated as Critical according to Atlassian's Severity Levels for Security Issues.
This issue affects all JFS versions for JIRA 8.0-8.8 starting from JFS 1.4.49_80 and up and is fixed in JFS 1.4.59 for JIRA 8.0-8.9.
Upgrade to JFS 1.4.59. There is no need to re-apply the JFS patch.
Please contact email@example.com in case of any questions.