beqom v10 HF206 - Release notes
This article lists the new features that have been added to the platform, as well as the bugs that have been corrected in this release.
Deployment date: NPR: June 10th, 2025 - PRD: June 17th, 2025
Fix version: v10 - HF 206.4.1 - DB 10.0.1009
| Type | Reference | Description | |
|---|---|---|---|
| Zendesk | Jira | ||
| BQM-25604 | The code for the disabled state of the Feature Flag Integration API for Rapide activation was remove since this flag is now enforced. | ||
| BQM-25800 | A vulnerability to cross-site scripting (XSS) attacks was discovered in forms: form elements were only sanitized on the front-end, leaving the back-end vulnerable via tags like <img> or <iframe>. This was corrected; both front-end and back-end now sanitize inputs, allowing safe tags like <span> for mentions while blocking malicious attributes, to ensure full protection against XSS attacks. | ||
| BQM-25892 | The following issue was reported in the machine learning model configuration screen: the values displayed in the Population Criteria section were not populated from the correct table. The issue was corrected and the values are now populated only from the salary_prediction_training table. | ||
| BQM-25976 | The values of boolean fields are now filtered and validated using the back-end. This technical improvement impacts only the pay prediction UI. | ||
| BQM-26001 | In the pay prediction UI, the Final Offer salary difference was not calculated based on the salary in the destination currency if the prediction was calculated in a currency different than that of the current salary. | ||
| BQM-26020 | Following the update of the encryption method in HF204, it was observed that in some cases, decrypting old values may succeed without raising an error, even if the underlying data is corrupted. To address this, a new encryption type EncryptionType: 2 was introduced to represent the updated AES encryption method. The existing type EncryptionType: 1 is retained to use the legacy decryption logic. | ||