INC-145033 · Issue 599482
ForgotPassword responses made consistent
Resolved in Pega Version 8.4.4
To prevent possible exposure of valid usernames, the ForgotPassword logic has been updated so that it will show the same messages and set of screens to both valid and invalid users if a lost password request is made.
INC-146434 · Issue 602740
Accessibility added to Security Event Configuration headers
Resolved in Pega Version 8.4.4
Labels for the headers in the Security Event Configuration screen have been converted to dynamic layout headers so they will be detected by JAWS screen reader.
INC-146921 · Issue 601638
Cross-site scripting update for Dev Studio
Resolved in Pega Version 8.4.4
Cross Site Scripting (XSS) protections have been added to Developer Studio.
INC-154627 · Issue 619570
Re-enabled users are able to log in
Resolved in Pega Version 8.4.4
When disabled operators were re-enabled through operator management, the forced password change on next login was manually unchecked but the operators were unable to login because the change password screen was displayed without any password entry fields. This was a missed use case for handling the change password flag on a requestor , and has been resolved by having the system skip setting the change password on next login flag for disabled users.
INC-205666 · Issue 702934
Database table correctly prevents deletion if there are descendant classes
Resolved in Pega Version 8.6.5
When deleting a concrete class with descendant classes via an activity (Rule-.Delete), the Rule-Obj-Class.ValidateDeleteInternal activity was throwing an error message indicating the class could not be deleted due to descendant classes. However, the corresponding database table rule was deleted anyway. Investigation showed this was caused by ValidateDeleteInternal not reaching the Obj-Save-Cancel step. This can be fixed by modifying step 11, the post when conditions, to jump to END and set the END label at the Obj-Save-Cancel step instead Exit-Activity, but this issues has been resolved by updating all failure states to run end step. In addition, security has been updated to disallow "Allow invocation from browser".
INC-205938 · Issue 721200
Improved handling for heavy use of PushDailyUserData
Resolved in Pega Version 8.6.5
The PushDailyUserData agent was causing utility node performance issues due to the amount of data it was fetching from pr_hourly table. To resolve this, an update has been made which will run the agent once per day and chunk large data.
INC-209158 · Issue 722412
Loop handling updated for Decision Table OR conditions
Resolved in Pega Version 8.6.5
The system was crashing when saving or checking in a decision table with 21 columns and 20 rows where each cell contained 1, 2, or 3 OR conditions. Investigation showed this was caused by an indefinite number of loops when 'or' conditions were used in the test consistency activity, and this has been resolved with an update which ensures only the specified number of loops are performed.
INC-211248 · Issue 713158
Survey navigation type set for use with complex CB refresh
Resolved in Pega Version 8.6.5
After upgrade from Pega 7.1 to Pega 8.5, creating a legacy survey used in pxSurveySection with a complex CB question page that contained a refresh option had collapsed tree navigation, the survey name was blank, and duplicate labels were found in picklist questions. To resolve this, an update has been added which will set the navigation type in parameters after a complex CB refresh and skip page copy while upgrading survey work objects.
INC-213918 · Issue 714454
Discard button works consistently
Resolved in Pega Version 8.6.5
After check out, the discard button was not working consistently for decision tables or MapValue. Investigation showed this occurred when an exported file was being downloaded in the same window, as the thread would be busy with the file and not able to perform the discard action on the window. To resolve this, the configuration for the download on the same window has been removed, exportToDecisionTable has been modified to handle an iframe, and a runScript action has been added to register the exportToExcel activity and download in iframe.
INC-215785 · Issue 722553
Corrected logic for parsing imported Excel formula cells
Resolved in Pega Version 8.6.5
Integers specified as cells with formulas in Excel were getting an additional ".0" in them due to them being parsed internally as doubles during the floating point arithmetic of the Apache POI library. This has been resolved by modifying the logic in ExcelUtils.java to apply DataFormatter to get the string value instead of an integer by default for a formula cell.