Current short-term support hotfixes

  • Updated

This article contains a list of hotfixes for the current cloud release. Be aware that the most recent hotfix contains all previous hotfixes, so applying the latest hotfix automatically updates your environment to the current cloud release. 

Optimizely has set a deadline for hotfix submissions each release to allow the Configured Commerce team time to prepare the upcoming release. See the hotfix submission deadline notice for more details.

Follow this article to receive email notifications when Optimizely Configured Commerce releases hotfixes for short-term support versions.

Current Cloud Release Version: 5.2.2404

Date Build Description
May 9, 2024 5.2.2404.1390+sts
  • Added OAuth 2.0 authentication to the UPS Rating Service.
  • Added internal-only authentication to /api/v2/ShareEntityGenerateFromWebpage.
  • Restricted X-Forwarded-Host Header to known hosts to improve security.
  • Improved security for Client-Side Template Injection (CSTI) in search history and lists in Classic.
  • Fixed an unhandled error that occurred when you unassigned a customer while impersonating a website user.
  • Fixed an error in the Order Submit job's WIS log file that caused the job to become stuck.