SR-B35987 · Issue 296514
Improved backwards compatibility for migrated rules with Declare Expressions
Resolved in Pega Version 7.3
The current activity pzUpdateConditionsList did not have backward compatibility for "AND" and "OR" operators in rules created with older version of Pega Platform that allowed the use of "And" and "Or". This has been resolved by adding a check for equalsIgnoreCase when converting "And" to "&&".
SR-B36091 · Issue 292431
Hazelcast logging added with updated jar
Resolved in Pega Version 7.3
Additional Hazelcast logging has been added and and the prcluster-7.1.jar has been rebuilt for better reliability.
SR-B36134 · Issue 294119
Security fix to prevent URL tampering
Resolved in Pega Version 7.3
Pasting a URL that corresponds to an activity to invoke express on the browser URL allowed end users to get the express experience. To secure the system, the portal switching logic has been hardened to reinforce a portal check against access group privileges and to allow for equivalencies.
SR-B36134 · Issue 294006
Security fix to prevent URL tampering
Resolved in Pega Version 7.3
Pasting a URL that corresponds to an activity to invoke express on the browser URL allowed end users to get the express experience. To secure the system, the portal switching logic has been hardened to reinforce a portal check against access group privileges and to allow for equivalencies.
SR-B36134 · Issue 294147
Security fix to prevent URL tampering
Resolved in Pega Version 7.3
Pasting a URL that corresponds to an activity to invoke express on the browser URL allowed end users to get the express experience. To secure the system, the portal switching logic has been hardened to reinforce a portal check against access group privileges and to allow for equivalencies.
SR-B36134 · Issue 294001
Security fix to prevent URL tampering
Resolved in Pega Version 7.3
Pasting a URL that corresponds to an activity to invoke express on the browser URL allowed end users to get the express experience. To secure the system, the portal switching logic has been hardened to reinforce a portal check against access group privileges and to allow for equivalencies.
SR-B36134 · Issue 294080
Security fix to prevent URL tampering
Resolved in Pega Version 7.3
Pasting a URL that corresponds to an activity to invoke express on the browser URL allowed end users to get the express experience. To secure the system, the portal switching logic has been hardened to reinforce a portal check against access group privileges and to allow for equivalencies.
SR-B36175 · Issue 293408
Signature controls fixed for offline cases
Resolved in Pega Version 7.3
Signature capture controls were not capturing the signature on mobile devices. This was caused by Signature control being incorrectly disabled based on workobjID for offline cases, and has been fixed.
SR-B36194 · Issue 292748
Change in value filter added for Declare rule trigger
Resolved in Pega Version 7.3
Declare rules were getting triggered even when there was no change in the value of the property. This was due to a lack of a filter in the code to verify whether it was a new property or not, and that has now been added.
SR-B36228 · Issue 292442
Improved RuntimeCacheImpl performance
Resolved in Pega Version 7.3
There was unnecessary contention within the RuntimeCacheImpl when that class was asked to provide information about a blank class name. To correct this and improve performance, a check for the empty class name has been moved out of the synchronized block to the top of this method.