Resolved Issues and Bug Fixes
Read more about resolved issues and bug fixes in this release.
Unsanitized Open Redirect via RURL parameter
We've removed the usage of the RURL request parameter in Main.aspx page.
CSRF vulnerability
We've improved CSRF origin validation on state changing requests.
Revert application string to defaults is not recorded as a changeset
We've fixed a problem where reverting application strings was not recorded as a changeset.
The Revert to defaults action in Application Strings no longer attempts to revert Data Object Type (DOT) multilingual property values to their default values. To modify DOT multilingual property values, use the Mass Edit option.
Reverting application strings only affects translations stored in the database. Custom translation files are not modified. For more information, refer to the Translations section.
INC-307262
Archiving DataObjectVersion stalls for hours due to AuditTrail archiving
Previously, the Archive process unnecessarily prevented the short and long archive cycles from running at the same time, even though they are independent operations. The cycles now run concurrently as intended, improving archive throughput.
INC-311618
Resolved SQL security finding
A possible SQL query vulnerability has been resolved by implementing parameterized queries. No exposure or customer impact occurred before the fix.
INC-312778