This release includes a few security enhancements and resolves some issues which have recently been identified. The update will be rolled-out to all clients from the end of January 2020.
Use of Login link in the main navigation after submitting an application
An issue has been resolved related to the use of the login link in the main top navigation which was not working immediately post-submission for systems employing in-line registration on the application form.
Security update - logging out of the Backoffice now automatically logs out of the User portal
Previously, a user's User portal session would remain active for a period of time after logging out of the Recruit Backoffice. This was potentially an issue if a user with less access than the original user accessed a previous user's User portal session on a shared computer for example.
Unexpected signature text including HTML in Adobe Sign signatures now handled
A potential security concern has been addressed in the Adobe Sign integration, where a person's name can be entered as HTML, possibly including malicious code when signing a document in Adobe.
Persistence of calendar invite data when editing via self-service
When editing calendar invite templates via self-service, the actual calendar invite data and merge fields were being persisted when the calendar invite tick box was unchecked and the fields were no longer displayed. This was resulting in unexpected behaviour for some comms templates, as they were still behaving as calendar invites, even when not marked as such. The data in the hidden fields is no longer persisted when editing via self-service.
Email attachments when editing emails via self-service
In certain circumstances, certain email attachment selections were reverting back to the first thing in the attachments list when editing an existing email template via self-service. If not noticed, this was resulting in incorrect attachments being sent to users or candidates. Attachment selections will now persist as expected.