Notifications

180 views

Description

An end user/ users with no roles is able to see the personal information of users who post on the activity formatter in the incident.

 

Steps to Reproduce

  1. Impersonate a user with no roles.

  2. Navigate to Incident > Open.

  3. Open any incident and scroll down to the activity formatter.

  4. Click the user profile of anyone who has posted comments on the formatter.

    Note that the user is able to see the information.

Workaround

Contact Customer Support for installation of a macro that will disable the display of all profile cards.


Related Problem: PRB733497

Seen In

There is no data to report.

Associated Community Threads

There is no data to report.

Article Information

Last Updated:2018-04-16 09:59:51
Published:2017-08-02