Fixed defects
This section describes the fixed defects in the 9.1.2 version of Marketing Platform.
| PO03992, APAR 173470 | Cross site scripting issues existed on the dashboard portlet creation page and the data source creation page. This has been fixed. |
| PO04188, APAR 176943 | A security issue resulted from validation not being performed on some input fields. This has been fixed. |
| P000051, APAR 168778 | When Marketing Platform was configured to integrate with Windows Active Directory, and when a user created in Marketing Platform had the same user name as an Active Directory user, that internal user could log in to Marketing Platform with the Active Directory user's password,even when the Active Directory external user was not synchronized. This has been fixed. |
| PO03160, APAR 158353 | When an HCL Scheduler task was configured to run after two or more other tasks completed successfully, and if one of the runs failed, a dependent task ran, when it should not have run. This issue has been fixed. |
| PO04000, APAR 173576 | The value of the portletURL request parameter in a custom dashboard portlet could be intercepted and a third party URL could be injected. This has been fixed. |
| PO04344, APAR 179416 | When authenticated mode was configured in HCL® EMM Reports, there was a security vulnerability in the error message that was displayed when an incorrect user name was entered. This has been fixed. |
| PO04026, APAR 174004 | When Authentication mode was set to authentiactedPerUser in HCL EMM Reports, external users could not access the Cognos reports through Campaign Analytics. This has been fixed. |
| PO04301, APAR 178789 | After Campaign was upgraded from version 8.6 to version 9.1.0.0, users could not access the User Roles & Permissions page. This has been fixed. |
| PO04307, APAR 178917 | When the environment was configured to use the French region and locale, the HCL EMM Scheduler default recurrence definitions translated in French did not clearly define midnight. This has been fixed. |
| PO04509, APAR 182201, DEF 182204 | When you installed Marketing Platform and selected an option in the IBM Page Tagging field, the installer did not set the value of the corresponding configuration property correctly. This has been fixed. |
| PO04539, APAR 182563, DEF 182566 | When you scheduled a Campaign flowchart and added a new notification by clicking Edit Job Notifications, your changes were not applied and the notification reverted to the default setting. This has been fixed. |
| PO04446, APAR 181284, DEF 181278 | A scheduled job based on a trigger failed to run because the schedule that sent the trigger was not deleted from the Quartz tables, so it was still in "running" status. This has been fixed. |
| APAR PO04734, APAR 186158, DEF 186163 | The Reports SQL Generator did not update the header completely. If you opened a dashboard page and then navigated to the Reports SQL Generator, the part of the header under the title was not refreshed and remained from the previously visited page. This has been fixed. |
| PO04707, APAR 185697, DEF 185700 | If Marketing Platform system tables were in Oracle and you applied fixpack 9.1.1.2 on Marketing Platform and Campaign, the Campaign Global Policy roles on the User Roles Permissions page were displayed with inconsistent sorting. This has been fixed. |
| PO04495, APAR 181891, DEF 181896 | Cross-site scripting security issues have been fixed. |
| APAR PO02558, DEF 134139 | Header types were missing for static content such as image, .js and .css files. This has been fixed. |
| APAR PO03696, DEF 168191 | The HCL EMM Scheduler allowed a Campaign flowchart to be scheduled for a past date and time. This has been fixed. |
| APAR PO03491, DEF 164112 | A custom dashboard portlet created using a URL did not show the report. This has been fixed. |
| APAR P000051, DEF 168780 | An internal user could log in using the password of an external user in Windows Active Directory, if both accounts had the same user name, even when the external user was not synchronized. This has been fixed. |
| APAR PO02808, DEF 154710 | a scheduled flowchart run failed when a campaign was moved to another folder or renamed. This has been fixed. |
| APAR PO04224, DEF 177600 | A cross site scripting issue occurred. This has been fixed. |
| APAR PO03160, DEF 158354 | When a schedule was configured using On completion of other tasks, a dependent run task fired inappropriately because some run cycle results were not considered. This has been fixed. |
| APAR PO03993, DEF 173479 | When the system archived notification alerts, the following errors occurred.
|
| APAR PO04188, DEF 176949 | Validation was not performed on dashboard name input fields for the <Button> html tag. This has been fixed. |
| APAR PO04213, DEF 177424 | The change password page was vulnerable to a cross-site request forgery attack. This has been fixed. |
| APAR PO04000, DEF 173578 | For the dashboard custom iframe portlet, a URL was passed as a request parameter, which was an open redirection vulnerability security issue. This has been fixed. |
| APAR PO04026, DEF 174007 | If Oracle was used for Marketing Platform system tables, external LDAP and Siteminder users were unable to access Cognos reports through Campaign Analytics. This has been fixed. |
| PO04448, APAR 181309, DEF 181308 | "Authentication failed" errors occurred on user login when single sign-on with HCL Digital Analytics was configured to create HCL Digital Analytics user accounts automatically. This has been fixed. |
| APAR PO04301, DEF 178784 | When HCL Campaign had multiple partitions, and Marketing Platform and Campaign were both upgraded or had a fixpack applied, users were seeing an "Internal system error" when they tried to log in or open the Roles & Permissions page. This has been fixed. |
| APAR PO04344, DEF 179417 | The error message that users saw when they tried to log in to Cognos with an invalid user name had a security vulnerability. Users now see a generic error message. |
| PMR173463, DEF 173471 | Cross site scripting issues occurred in the portlet name when a user created a custom portlet, and in the data source name when a user created a data source for a Marketing Platform user. This has been fixed. |
| APAR PO04307, DEF 178919 | When the environment was configured to use the French region and locale, theHCL EMM Scheduler default recurrence definitions did not clearly define whether noon or midnight was referenced in the cron expression. This has been fixed. |
| APAR PO04364, DEF 179922 | A report could not be scheduled in Cognos when the Report authentication mode was UnicaSecure namespace. This has been fixed. |
| APAR PO04707, DEF 185700 | If Marketing Platform system tables were in Oracle and you applied a FixPack on Marketing Platform and Campaign, the Campaign Global Policy roles on the User Roles Permissions page were sometimes displayed with inconsistent sorting. This has been fixed. |
| APAR PO04617, APAR 183980, DEF 183982 | If you used the scheduler_console_client utility to send a scheduler trigger, a NullPointerException occurred, and the actual cause of the failure was not captured. This has been fixed. |
| APAR PO03710, DEF 168327 | If a user clicked the Submit button multiple times, an error occurred and the user was logged out from the application even if the first request was successfully processed. This has been fixed. |
| APAR PO04317, DEF 178898 | If a you used the HCL EMM Scheduler to schedule an HCL Contact Optimization session and you clicked Scheduled Task > Scheduled item, you saw a javascript error page. This has been fixed. |
| APAR PO04764, DEF 186880 | In the Marketing Platform system table database, if the PAYLOAD field in the USCH_RUN table contained a NULL value, the schedule failed with a NullPointerException error. This has been fixed. |