SR-B36134 · Issue 294006
Security fix to prevent URL tampering
Resolved in Pega Version 7.3
Pasting a URL that corresponds to an activity to invoke express on the browser URL allowed end users to get the express experience. To secure the system, the portal switching logic has been hardened to reinforce a portal check against access group privileges and to allow for equivalencies.
SR-B36134 · Issue 294147
Security fix to prevent URL tampering
Resolved in Pega Version 7.3
Pasting a URL that corresponds to an activity to invoke express on the browser URL allowed end users to get the express experience. To secure the system, the portal switching logic has been hardened to reinforce a portal check against access group privileges and to allow for equivalencies.
SR-B36134 · Issue 294001
Security fix to prevent URL tampering
Resolved in Pega Version 7.3
Pasting a URL that corresponds to an activity to invoke express on the browser URL allowed end users to get the express experience. To secure the system, the portal switching logic has been hardened to reinforce a portal check against access group privileges and to allow for equivalencies.
SR-B36134 · Issue 294080
Security fix to prevent URL tampering
Resolved in Pega Version 7.3
Pasting a URL that corresponds to an activity to invoke express on the browser URL allowed end users to get the express experience. To secure the system, the portal switching logic has been hardened to reinforce a portal check against access group privileges and to allow for equivalencies.
SR-B36175 · Issue 293408
Signature controls fixed for offline cases
Resolved in Pega Version 7.3
Signature capture controls were not capturing the signature on mobile devices. This was caused by Signature control being incorrectly disabled based on workobjID for offline cases, and has been fixed.
SR-B36194 · Issue 292748
Change in value filter added for Declare rule trigger
Resolved in Pega Version 7.3
Declare rules were getting triggered even when there was no change in the value of the property. This was due to a lack of a filter in the code to verify whether it was a new property or not, and that has now been added.
SR-B36228 · Issue 292442
Improved RuntimeCacheImpl performance
Resolved in Pega Version 7.3
There was unnecessary contention within the RuntimeCacheImpl when that class was asked to provide information about a blank class name. To correct this and improve performance, a check for the empty class name has been moved out of the synchronized block to the top of this method.
SR-B36254 · Issue 293924
Removed error appearing on multiple tabs
Resolved in Pega Version 7.3
On a multiple tab scenario when client side validation was triggered on a specific tab ad that layout was under a tabbed repeat in a section, a warning icon appeared on other tabs as well. This is due to marking for tab repeat not being supported at this time: in these conditions, the system will skip the marking error.
SR-B36260 · Issue 296921
Fixed mobile native control submit clearing property/date
Resolved in Pega Version 7.3
When the "native control on mobile" option is checked for a date-time property, a runtime error on submit cleared the property value/date value. To correct this, if the datetime property gets any error messages on submitting the screen, the response of the datetime control will not generate the Value or overwrite it.
SR-B36307 · Issue 292510
prconfig added to disable tracer checks in census
Resolved in Pega Version 7.3
There was some contention when checking for tracer to log trace events for access denials in a census application. Since tracer is not used in census, a prconfig switch has been added to disable these tracer checks.