INC-139867 · Issue 588757
Additional security for encrypted passwords
Resolved in Pega Version 8.5.1
Handling and cleanup has been updated for encrypted values to enhance security.
INC-134315 · Issue 578366
Resolved 400 error on second browser session
Resolved in Pega Version 8.5.1
When accessing application URLs in two tabs of a browser window, logging into the second session was throwing a 400 invalid request. This has been resolved by adding specified activities to an allow list which will bypass URLObfuscation in un-authenticated mode. Non-listed activities will be processed using URLObfuscation if it is enabled.
INC-130500 · Issue 580623
Cross-site scripting protections updated for authorization
Resolved in Pega Version 8.5.1
Cross-site scripting protections have been updated for various URLs associated with authorization.