We recently moved from Pega 7.2.2 to 8.4.3 and came across a problem - clicking on filter icon in Table causes Security Alert:

Unauthorized request detected : Unregistered request encountered for activity pzRunActionWrapper 

and there is a warning message on UI:

URL tampering vulnerability detected.

This article https://community.pega.com/knowledgebase/articles/security/85/verify-requests-application-layer implies that this warning only appears when using custom non-autogenerated controls, however we are using OOTB table filtering functionality, we don't have any custom controls or Run Script actions in our application.

Is this Pega's defect or do we need to change some settings in our application after moving from 7.2.2? Will this be fixed in 8.5 since pyBlockUnregisteredRequests will be blocking unregistered requests by default?