Product Enhancements
1.1 Enforce Collaboration Portal users on Concurrence
We have enhanced the Collaboration Portal to ensure that Collaboration Portal users adhere to the agency's Collaboration Portal License for concurrent users. With this update, a Collaboration Portal user will be restricted from logging in when the maximum number of concurrent users have already logged in.
1.2 Collaboration Portal French Translations
With our continued commitment to provide French translations throughout the system, we have focused on translating the majority of items in the Collaboration Portal.
1.3 French Translations
With this feature, we have addressed French translations for Document Management and several other areas throughout the application.
Bug Fixes
Weāve addressed the following bugs in this version of ATIPXpress:
ID | Description |
|---|---|
83167 | Enhanced formatting of the Administration pageās left navigation in the Collaboration module. |
99166 | Fixed a bug causing Selection under Page Range to appear grayed out in Find & Unredact on the Folder level. |
100618 | Addressed an issue allowing the number of scan users permitted in the license to be exceeded due to inaccurate counting of number of allowed Collaboration scan users while the scanning role window is open. |
100435 | Resolved an error encountered on adding a Correspondence attachment to Collaboration message on the Collaboration portal, that caused the window shift out of view thereby restricting any user interaction. |
Security Updates
Weāve made the following security updates in this version of ATIPXpress:
ID | Description |
|---|---|
1278800 | Updated system libraries and DLLs to enhance performance and compatibility of PAL and PAL Configuration. |
1278978 | Configured SQL Server to use non-standard ports in PAL/PAL Configuration and Collaboration. |
1279115 | Tested accessibility and implemented remediation for the required compliance points of Collaboration module. |
1279241 | Encrypted all configuration files for PAL and PAL Configuration modules to further safeguard system credentials and configurations from unauthorized access. |
1290223 | Updated JavaScript libraries to fix vulnerabilities in PAL and PAL Configuration modules. |
1290228 | Fixed a vulnerability that allowed an authorized user to view the names of the non-owned folders in the Document Management System. |
1292611 | Deprecate unload function in PAL. |
1294479 | Introduced output encoding (e.g., HTML entity encoding), input validation, and Content Security Policy (CSP) headers. |
1295860 | Implemented rate limiting on OTP verification to mitigate brute-force vulnerability identified. |
ID | Description |
|---|---|
1298392 | Introduced output encoding (e.g., HTML entity encoding), input validation, and Content Security Policy (CSP) headers. |
1298396 | Introduced output encoding (e.g., HTML entity encoding), input validation, and Content Security Policy (CSP) headers. |
1298397 | Sanitized all user inputs rendered into HTML, used templating engines with auto-escaping, and limited rendering of untrusted content. |
1298821 | Prevented vulnerability of Improper HTML Control Handling in PAL modules. |
1299788 | Restricted the number of password reset verification code requests within a defined time frame to enhance security and prevent abuse. |
1303264 | Fixed a security vulnerability in PAL Configuration for pal_adminlogin page. |
1304324 | Introduced output encoding (e.g., HTML entity encoding), input validation, and Content Security Policy (CSP) headers. Sanitized certain user inputs rendered into HTML, used templating engines with auto-escaping, and limited rendering of untrusted content. |
1306051 | Reviewed and corrected access control policies, implemented deny-by-default strategies, and validated user roles per request. |