SR-B75677 · Issue 326354
Password set removed from Lock and Roll tool
Resolved in Pega Version 7.3.1
The way the Lock and Roll tool set passwords was confusing and often caused a new application to be created with the wrong password, preventing updating the new rule or even requiring administrators to manually create the application rules. To resolve this, pzLPLockAndRollApplication has been changed to remove the setting of pySetPassword and pySetPasswordConfirmText so the values will be empty for the new version.
SR-B56648 · Issue 315674
Added security check when running out-of-the-box reports with ShowSelectorView
Resolved in Pega Version 7.3.1
A security issue was found where non-authorized users were able to access the out-of-the-box report details in their portal by manipulating the URL to pass a "short-cut" parameter that executed the Final "ShowSelectorView" activity. To avoid the need to set the explicit privileges manually, the ShowSelectorView activity will call a security check to prevent this.