My Oracle Support Banner

AR.9.2. User Able To Override Correct History Security And Update Contacts Via Collections Workbench (Doc ID 3012828.1)

Last updated on MARCH 26, 2024

Applies to:

PeopleSoft Enterprise FIN Receivables - Version 9.2 to 9.2 [Release 9]
Information in this document applies to any platform.


A user who doesn't have rights on Correct History is able to update /modify the data on that on the page Create Customer Contacts , by choosing the Collection workbench page.

Issue can be replicated following the next steps :

1. Go to Peopletools>Security>Permission and roles >Roles and search for STAFF. Go to Permission Lists tab and View Definition . On permission list ALLPAGES , choose Menu name MAINTAIN_CONTACT and click on Edit components.On CONTACT_INFO component name click on Edit pages. Uncheck “Correction” action .

2. Assign ROLE STAFF to user <USER>.

3. Access with user <USER> and Go to Customer>Create Customer Contact and check if Correct History is available on page for contact 10 customer 1011. No correct history action button is available.

4. Access with user VP1 on the same page. Notice that correct history is appearing.

5. Access again with user <USER> and go AR> Collection workbench and search for customer 1011.

6. In the customer details section, click on primary contact “secondname.firstname”.

7. Change the email address from <EMAIL_ADDRESS> to <EMAIL_ADDRESS1>. Click Apply and OK – Record is saved even though the user doesn’t have access to correct history for this page of Customer contact-Incorrect!

8. Customer>Create Customer Contact page for contact 10 and customer 1011.Notice that the change has been done.

More details can be seen in the replication document attached.




To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.