Decrypting a Password 2 field where the value starts with a "<" followed by alpha characters displays empty valueDescriptionIf a "Password (2 Way Encrypted)" type field has a value which starts with < followed by alpha characters, decrypting this field using getDecryptedValue function will return an empty valueSteps to Reproduce Activate the Customer Service (com.sn_customerservice) plugin or any plugins which gives access to a scoped application1. Change the Application scope to "Customer Service"2. Create a new field of type "password2" on the sn_customerservice_case table3. Create a UI action for the sn_customerservice_case table with the following details:Form button: checkedShow insert and Show update: checkedScript: if (current.<password2_field_name>) { var password = current.<password2_field_name>.getDecryptedValue(); gs.addInfoMessage('Current Password: ' + password); action.setRedirectURL(current);} 4. Create a new record on sn_customerservice_case table and set the "password2" type field created from step 2 to have the value "<test123" (without quotes) then save the record5. Click on the UI action created from step 36. Repeat step 4 - 5 but for the "password2"type field, put in a value of "<1234" (without quotes) and noticed it decrypts successfullyExpected behavior: Clicking on the UI action should display an info message at the top of the form with the decrypted value of password2 type fieldActual behavior: Clicking on the UI action does not display the decrypted value of the password2 type field, it returns an empty value WorkaroundThe issue was with the gs.addInfoMessage() method and not with the password2 field, the password gets decrypted correctly, but when it is displayed on the UI using the addInfoMessage() method, it gets blanked out if the password contains a < followed by alpha chars. This is because the HTML sanitizer sanitizes the string before it is displayed on the UI. The workaround for this is to use function in the script under 'UI Action' that escapes special characters before displaying it on the UI. This is how the script can look: if (current.<password2 field>) { var password = current.<password2 field>.getDecryptedValue(); gs.addInfoMessage('Current Password: ' + escapeHtml(password)); action.setRedirectURL(current);} function escapeHtml(unsafe) { return unsafe .replace(/</g, "<") .replace(/>/g, ">");} Here are the links related to this issue:https://stackoverflow.com/questions/12558471/how-to-allow-specific-characters-with-owasp-html-sanitizerhttps://stackoverflow.com/questions/6234773/can-i-escape-html-special-chars-in-javascriptRelated Problem: PRB1395892