Skip to main content

Resolved Issues

View the resolved issues for a specific Platform release.

Go to download resolved issues by patch release.

Browse release notes for a selected Pega Version.

NOTE: Enter just the Case ID number (SR or INC) in order to find the associated Support Request.

INC-155276 · Issue 622816

Null check added for step page

Resolved in Pega Version 8.3.6

After creating and adding new Access Roles and application 'Access When' to the privileges instead of Production level, during run time the error "runtime.IndeterminateConditionalException: Trying to evaluate Rule-Access-When conditions L:IsProdAccess when there is no page to evaluate them against" appeared for the specific privileges. This was traced to a missed use case where the system falls back to the step page if the page for evaluating the 'when' condition is null, which did not account for scenarios where the step page can be null. To resolve this, a null check has been added which will fetch the primary page if the step page for the access 'when' condition is null.

INC-156647 · Issue 626293

Improved disconnected requestor cleanup for FieldService

Resolved in Pega Version 8.3.6

A large number of requestors from FieldService with the status as 'Disconnected' were accumulating and causing performance issues. This was traced to the requestors not getting passivated due to users not logging out and new requestors being created for the same users next time, and was caused by the value of the DSS Initialization/PersistRequestor being set as "OnTimeout". When the DSS prconfig/timeout/browser/default is not configured, the default browser requestor timeout is 60 minutes. In this scenario, requestors were not passivating as the requestor passivation timeout was set to the refresh token lifetime for mobile users, which was very large and overwrote the DSS value. This has been resolved by removing the code which set the passivation timeout to the OAuth2 refresh token lifetime.

SR-A102969 · Issue 273954

XSS security update for error.jsp

Resolved in Pega Version 7.3

The error.jsp file has been updated for better XSS security with WebSphere and Firefox.

SR-A96514 · Issue 275326

Updated encryption logic for URL obfuscation

Resolved in Pega Version 7.3

If URL obfuscation was enabled and the incoming URL had non-ASCII characters (or UNICODE) characters in it, the encryption process was failing due to the incorrect length of byte array formation in padding logic. This logic error has been corrected.

SR-A97323 · Issue 266550

XSS filtering added to pzDisplayModalDialog

Resolved in Pega Version 7.3

XSS filtering has been added to the pzDisplayModalDialog to improve security.

SR-B10697 · Issue 282917

XSS handling added for pyCategory in Rule-Obj-Listview.ListViewHeader

Resolved in Pega Version 7.3

Cross-site scripting handling has been added for the pyCategory parameter in ListViewHeader to improve security.

SR-B10697 · Issue 280753

XSS handling added for pyCategory in Rule-Obj-Listview.ListViewHeader

Resolved in Pega Version 7.3

Cross-site scripting handling has been added for the pyCategory parameter in ListViewHeader to improve security.

SR-B10947 · Issue 280020

pzSUS Param properly URLEncoded

Resolved in Pega Version 7.3

The Tomcat 8+ server was rejecting DWA URLs due to characters such as {,} that it considered to be unsafe. These characters were introduced by pzSus key in the URL, and these values will now be encoded for the browser to resolve these issues.

SR-B11243 · Issue 284444

XSS handling added for ShowSelectedPortal in RedirectRun

Resolved in Pega Version 7.3

XCC handling has been added to the RedirectRun activity using location parameter and ShowSelectedPortal to improve security.

SR-B11243 · Issue 288261

XSS handling added for ShowSelectedPortal in RedirectRun

Resolved in Pega Version 7.3

XSS handling has been added to the RedirectRun activity using location parameter and ShowSelectedPortal to improve security.

Ready to crush complexity?

Experience the benefits of Pega Community when you log in.

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us