INC-178070 · Issue 658679
Browser invocation allowed for UnlockOperator
Resolved in Pega Version 8.6.1
Attempting to unlock an operator who was locked out due to security policies was failing. This was an unintended side effect of security work performed earlier, and has been resolved by reenabling 'Allow invocation from browser ' for pzUnlockOperator. This activity requires an authentication check with privilege protection.
INC-180603 · Issue 661738
Added protections for GetSiblings
Resolved in Pega Version 8.6.1
Cross-site scripting protections have been updated for the GetSibling activity.