INC-164439 · Issue 657997
Setting added to customize using blank Map values
Resolved in Pega Version 8.6.1
After update to from Pega 6 to Pega 8 some of the Map Value rules were not working. This was due to the handling for blank default values which was changed in Pega 7. In order to support backwards compatibility, a new 'when' rule has been added which allows customizing whether or not blank values are allowed for the Map value default columns. pyAllowBlankValues will default to "false".
INC-165256 · Issue 657038
Improvements for Offer Eligibility rules loading time
Resolved in Pega Version 8.6.1
After opening the Proposition filter/Action rule and clicking on Add Criteria, the pxAnyPicker drop down load was taking an excessive amount of time. Performance improvements have been made by adding a precondition at step 2 to avoid data page refresh for specific scenarios when it is not required.
INC-168914 · Issue 659660
Updates added against Cross-site Scripting
Resolved in Pega Version 8.6.1
Cross-site Scripting (XSS) protections have been updated for the UI.
INC-171257 · Issue 651733
Expanded results for Proposition Filter Relevant Record Properties
Resolved in Pega Version 8.6.1
Previously, a maximum of 500 records were returned from pr_data_tag_relevantrecord when using Edit Parameters for the report definition proposition filter rule. In order to accommodate more complex needs, an update has been made to use the D_pxGetClassDataModel data page to fetch all the records and make them available in the dropdown.
INC-174468 · Issue 650943
Delegated rules search considers localized text
Resolved in Pega Version 8.6.1
The search / filter box used to look for particular delegated rules on the configuration tab did not consider localization via field values, where the on screen name and description of the delegated rule was localized. This resulted in the search text being compared against the original text (.pyAdviceText and .pyDescription) used for the name and description at the time the rule was delegated, but not with the localized text that actually appeared on the screen. This has been resolved by updating the pzPopulateDelegations activity to filter by localized values of pyAdviceText and pyDescription.
INC-178070 · Issue 658679
Browser invocation allowed for UnlockOperator
Resolved in Pega Version 8.6.1
Attempting to unlock an operator who was locked out due to security policies was failing. This was an unintended side effect of security work performed earlier, and has been resolved by reenabling 'Allow invocation from browser ' for pzUnlockOperator. This activity requires an authentication check with privilege protection.
INC-180603 · Issue 661738
Added protections for GetSiblings
Resolved in Pega Version 8.6.1
Cross-site scripting protections have been updated for the GetSibling activity.
SR-D37421 · Issue 514593
Cross-site scripting security added to Marketing Offers
Resolved in Pega Version 8.1.8
Cross-site scripting protections have been added to Marketing Offers, which had a potential vulnerability when using Firefox.
SR-D45608 · Issue 519902
Correct service instance name passed for data flow in DSMStatus
Resolved in Pega Version 8.1.8
When using the Connect-HTTP service "DSMStatus" to provide the node and status information as seen on the various tabs of the Designer Studio > Decisioning > Infrastructure > Services landing page, using DataFlow as the service parameter for the HTTP service method resulted in an empty response when the expectation was to get the information regarding the cluster details of Dataflow node type. This was traced to the service instance name not being parsed correctly when used for Data Flow services, and has been resolved by ensuring the correct service instance name is passed for this use.
SR-D47618 · Issue 516300
Statistic rounding error in ADMSnapshot Agent with Oracle corrected
Resolved in Pega Version 8.1.8
While running the ADMSnapshot Agent, the exception "internal.mgmt.Executable) ERROR com.pega.decision.adm.client.ADMException: Failed to complete ADM Data Mart snapshot" was seen. This was traced to an issue with the rounding of performance statistics when using Oracle, and has been resolved.