Skip to main content

Resolved Issues

View the resolved issues for a specific Platform release.

Download resolved issues

Go to download resolved issues by patch release.

See Platform Release Notes

Browse release notes for a selected Pega Version.

NOTE: Enter just the Case ID number (SR or INC) in order to find the associated Support Request.

Please note: beginning with the Pega Platform 8.7.4 Patch, the Resolved Issues have moved to the Support Center.

Platform Version

Capability

Security
(Clear filters)

SR-B14745 · Issue 285506

pzSUS Param properly URLEncoded

Resolved in Pega Version 7.3

The Tomcat 8+ server was rejecting DWA URLs due to characters such as {,} that it considered to be unsafe. These characters were introduced by pzSus key in the URL, and these values will now be encoded for the browser to resolve these issues.

SR-B17270 · Issue 288020

XSS filtering added to Autocomplete highlighting

Resolved in Pega Version 7.3

XSS filtering has been added to Autocomplete highlighting for better security.

SR-B30747 · Issue 297009

XSS filtering added to report browser CategoryDescription

Resolved in Pega Version 7.3

The list of categories on the right in the report browser allowed some HTML tags to be applied when added to the label. XSS filters have been applied to the CategoryDescription labels to improve security.

SR-B33262 · Issue 289812

IACAuthentication security improved

Resolved in Pega Version 7.3

The IACAuthentication activity assumed third party authentication and did not check for a password. In order to improve security, default password validation has been added to the shipped IACAuthentication activity.

SR-B37039 · Issue 293524

Security upgrade for Struts2

Resolved in Pega Version 7.3

To improve security, Apache Struts2 has been upgraded to version 2.3.32 .

SR-B37306 · Issue 293862

Security upgrade for Struts2

Resolved in Pega Version 7.3

To improve security, Apache Struts2 has been upgraded to version 2.3.32 .

SR-B37351 · Issue 288347

FTP connection test loads authentication profile

Resolved in Pega Version 7.3

The FTP Server Test connectivity button was not working if the server did not allow anonymous connections. This was due to tests not loading the Authentication Profile, and the system has been updated to load the profile during the connection build process.

SR-B37427 · Issue 293709

Security upgrade for Struts2

Resolved in Pega Version 7.3

To improve security, Apache Struts2 has been upgraded to version 2.3.32 .

SR-B37598 · Issue 293711

Security upgrade for Struts2

Resolved in Pega Version 7.3

To improve security, Apache Struts2 has been upgraded to version 2.3.32 .

SR-B37780 · Issue 293894

Security upgrade for Struts2

Resolved in Pega Version 7.3

To improve security, Apache Struts2 has been upgraded to version 2.3.32 .

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us