Release notes for version 3.3.9 of Connect (LA)
Date of release
Summary
Addressed security vulnerabilities when building queries for dial lists
There are internal changes to the package code to address potential security issues highlighted by the Salesforce security review process. The functionality of the package has not been affected by these changes.
The following work has been done to code that constructs queries from dial list filters that are entered by the user:
- Prevented potential injection attacks by sanitising all string input.
- Constrained the use of the {{IN}} operator to act only lists of IDs or strings.
ContactWorld Agent Availability API now controls dialler button enabled state
There is a new ContactWorld Agent Availability API that is the definitive source of information for whether an agent is available to initiate or receive an interaction. The dialler now uses this API to determine the actions available to an agent when using the dialler. The use of this API now means that the agent will not be able to dial a call until they have entered the ready state.
Users can now be unassigned from dial lists
Previously, any agent that had been assigned a dial list would remain assigned when the list was refreshed, even if they had been unassigned from the list. This was a defect and has been fixed. Agents who are unassigned from the list will no longer reappear when the list is refreshed.
Dial buttons could be used after pressing stop
We've corrected an issue with the Connect Home Page Component where it was possible to click Dial after clicking the Stop button, addressing this prevents agents from accidentally dialing an entry when they intend to stop using the dialler.
For general assistance, please contact Customer Support.
For help using this documentation, please send an email to docs_feedback@vonage.com. We're happy to hear from you. Your contribution helps everyone at Vonage! Please include the name of the page in your email.