SR-C81112 · Issue 417682
XXE security improvements
Resolved in Pega Version 8.2
Several updates have been made to improve security against External Entity Injection, including to the following areas: ProcessXSLT, performXSLT, DCOdocumentToBytes, DCOgetStringFromDocument, getTaskStatusXML, pzPMMLTransform, getTaskStatusXML, and validateAgainstXSD.
SR-C72572 · Issue 414584
XXE security improvements
Resolved in Pega Version 8.2
Several updates have been made to improve security against External Entity Injection, including to the following areas: ProcessXSLT, performXSLT, DCOdocumentToBytes, DCOgetStringFromDocument, getTaskStatusXML, pzPMMLTransform, getTaskStatusXML, and validateAgainstXSD.
SR-C72571 · Issue 413004
XXE security improvements
Resolved in Pega Version 8.2
Several updates have been made to improve security against External Entity Injection, including to the following areas: ProcessXSLT, performXSLT, DCOdocumentToBytes, DCOgetStringFromDocument, getTaskStatusXML, pzPMMLTransform, getTaskStatusXML, and validateAgainstXSD.
SR-C71673 · Issue 410561
XXE security improvements
Resolved in Pega Version 8.2
Several updates have been made to improve security against External Entity Injection, including to the following areas: ProcessXSLT, performXSLT, DCOdocumentToBytes, DCOgetStringFromDocument, getTaskStatusXML, pzPMMLTransform, getTaskStatusXML, and validateAgainstXSD.
SR-C72570 · Issue 413020
XXE security improvements
Resolved in Pega Version 8.2
Several updates have been made to improve security against External Entity Injection, including to the following areas: ProcessXSLT, performXSLT, DCOdocumentToBytes, DCOgetStringFromDocument, getTaskStatusXML, pzPMMLTransform, getTaskStatusXML, and validateAgainstXSD.
SR-C68713 · Issue 407255
Moment udated to latest version
Resolved in Pega Version 8.2
Moment.js has been updated to version 2.22.2 .
SR-C71432 · Issue 410184
Moment udated to latest version
Resolved in Pega Version 8.2
Moment.js has been updated to version 2.22.2 .
SR-C66627 · Issue 406212
Placeholder text localized for approval rejection
Resolved in Pega Version 8.2
Localization has been added to the placeholder text of the approval reject step.
SR-C56534 · Issue 399504
Struts updated to v 2.5.16
Resolved in Pega Version 8.2
To address the latest Struts vulnerability, Universal SMA has been updated to Struts version 2.5.16.
SR-C22990 · Issue 364504
Struts updated to v 2.5.16
Resolved in Pega Version 8.2
To address the latest Struts vulnerability, Universal SMA has been updated to Struts version 2.5.16.