INC-168914 · Issue 659658
Updates added against Cross-site Scripting
Resolved in Pega Version 8.4.5
Cross-site Scripting (XSS) protections have been updated for the UI.
INC-169203 · Issue 646099
Robotics Desktop Automation correctly runs on subsequent tabs
Resolved in Pega Version 8.4.5
When using Customer Service (CRM) to call Robotics Desktop Automation (RDA) from a data page, closing the first interaction tab after the RDA automation was completed resulted in the automation not being triggered for the second tab. If the first tab was not closed, the automation on the second worked as expected. Investigation showed the attachOnUnload was unregistering the client actions for all the open tabs and the attachOnLoad was not being called on reload. This has been resolved by updating attachOnLoad so it is now called with InvokeOnReload as 'true' to register client action for the tab in focus.
INC-174468 · Issue 650945
Delegated rules search considers localized text
Resolved in Pega Version 8.4.5
The search / filter box used to look for particular delegated rules on the configuration tab did not consider localization via field values, where the on screen name and description of the delegated rule was localized. This resulted in the search text being compared against the original text (.pyAdviceText and .pyDescription) used for the name and description at the time the rule was delegated, but not with the localized text that actually appeared on the screen. This has been resolved by updating the pzPopulateDelegations activity to filter by localized values of pyAdviceText and pyDescription.
INC-178070 · Issue 658424
Browser invocation allowed for UnlockOperator
Resolved in Pega Version 8.4.5
Attempting to unlock an operator who was locked out due to security policies was failing. This was an unintended side effect of security work performed earlier, and has been resolved by reenabling 'Allow invocation from browser ' for pzUnlockOperator. This activity requires an authentication check with privilege protection.