Skip to main content

Resolved Issues

View the resolved issues for a specific Platform release.

Go to download resolved issues by patch release.

Browse release notes for a selected Pega Version.

NOTE: Enter just the Case ID number (SR or INC) in order to find the associated Support Request.

Please note: beginning with the Pega Platform 8.7.4 Patch, the Resolved Issues have moved to the Support Center.

SR-B95798 · Issue 344526

XSS filtering added to GetTour

Resolved in Pega Version 7.4

Cross scripting filtering has been added to pxGetTour java step 7, which prepares JSON.

SR-C1107 · Issue 351146

Oauth tokens obtained on login timeout

Resolved in Pega Version 7.4

When the client idle time expires, the user must perform a login in order to get back into the application. If OAuth is being used for authentication there is no need to re-send the credentials to NetIQ if neither the refresh token nor access token are expired yet, but the hybrid client was repeating the ROPC flow and obtaining a new refresh token each time the user logged in after the client idle timeout expires. With this change, the tokens are obtained on login timeout. There will be a further update targeted for the next release to show the lock screen and not log the user out.

SR-C1107 · Issue 351606

Oauth tokens obtained on login timeout

Resolved in Pega Version 7.4

When the client idle time expires, the user must perform a login in order to get back into the application. If OAuth is being used for authentication there is no need to re-send the credentials to NetIQ if neither the refresh token nor access token are expired yet, but the hybrid client was repeating the ROPC flow and obtaining a new refresh token each time the user logged in after the client idle timeout expires. With this change, the tokens are obtained on login timeout. There will be a further update targeted for the next release to show the lock screen and not log the user out.

SR-C147 · Issue 343884

Security improvements for generateCellContent RUF

Resolved in Pega Version 7.4

Code changes have been made to improve security for getting the parameter value in the generateCellContent RUF.

SR-C1787 · Issue 346038

XSS filtering added for insHandle

Resolved in Pega Version 7.4

XSS filtering has been added for the inshandle parameter in the downloadFile activity.

SR-C1787 · Issue 320158

Exception message will not include invalid filename

Resolved in Pega Version 7.4

To enhance security, the exception message In the activity Rule-File-Binary.downloadFile will not display the invalid filename.

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us