Issue with the Sandbox directive on the Content Security Policy rule form has been fixed
Valid from Pega Version 7.2.2
An issue that related to the Sandbox directive not being applied, even after a value in the Content Security Policy rule form was selected, has been fixed. As a result, restrictions that are applied based on the settings in the Sandbox directive are now more closely aligned with the World Wide Web Consortium (W3C) specification than in previous releases. You should test your Content Security Policy to ensure that this change does not cause unexpected behavior in your application, such as making the security policy too restrictive.
Known issue: SAML IdP import uses only the last certificate
Valid from Pega Version 7.4
When you configure the identity provider for a SAML SSO authentication service, the backing keystore rule for the verification certificate is created with only the last certificate from the IdP metadata, instead of using all of the certificates.