api/issues/tags currently does not apply authorization filters to the issues, that are queried in the index.
- User A analyses a private project
- an issue is created
- User A tags this issue with "myCustomTag"
- Anonymous searches for tags
- Other then expected, in the example anonymous will see "myCustomTag"