Problem
When an administrator defines conditions to add (or remove) users to programs or cohorts, the rules were executed against every user in the system up to (and including ) HCE 3.9.12. This presented a security risk as many administrators forgot to define conditions to omit OCI users from their programs / cohorts and as a result, ended up in courses that were meant for internal staff only.
Solution
As of 3.9.13, OCI users are skipped whenever conditions for programs and cohorts are evaluated.
Related Articles