...
Super administrators can now "impersonate" as other users. This will help the support or help desk staff to debug any issue a user is facing related to access. 
. Any action performed during impersonation is audited under the user you are impersonating.
For more details refer: User managementManagement
Active Users' Report
Super administrators can view and generate active users' report for a specific time interval. This is useful to understand the usage of OpenSpecimen at a center especially when multiple users from different groups are using the instance.
Activate
...
Expired User Accounts
Admins can activate user accounts which are expired by resetting their password from the user profile page.
...
When boxes are moved from one location to another, a transfer event is logged on the container and all specimens stored in it also get transfer event. Earlier when a box was moved, there was no record of this at the specimen level.
Containers: Display hierarchy
In the "Container hierarchy information in query results:
Container hierarchy information in container view:" column, the position of each parent container is included in the display.
In container overview page, an 'info" icon is provided next to the container name to view the container hierarchy along with the positions.
Custom forms
Ability to search forms by additional filters
Better/cleaner UI to attach forms and ability to edit 'Multi-Record' option
Data Entry
...
Usability Enhancements in Visit and Participant pages
In some use cases, users would want to enter additional fields at visit level during specimen collection. To enter data in such cases as a workflow, there is option to enter visit first and then proceed to collection.
...
In previous version, the date/time fields in the query results, exported CSV files, and the custom DE fields were formatted using the server time zone. This works fine when both the server and the end-users are in the same time zone. But there might be studies which have users operating from different time zones. To support this, OpenSpecimen now formats the date/time field values using the user time zone. This will ensure the date/time is displayed in all places in OpenSpecimen based on what is entered by the user.
Security fixes
The release build v6.2.RC2 has some very important security fixes. The security vulnerabilities that are fixed in this release build are listed below:
1. Cross-site request forgery: The attacker performs unwanted OpenSpecimen activities using the authentication session without the user's knowledge or interaction. The attacker exploits OpenSpecimen's trust in the user's browser.
2. Potential cross-site scripting: The attacker uses OpenSpecimen to send malicious code in the form of JavaScript to unsuspecting users. The end user's browser executes the script, which can result in revealing cookies, tokens and other sensitive information used by the browser for communication with OpenSpecimen. The attacker exploits the browser's trust in OpenSpecimen.
3. Unsafe cross-origin destination: When the end-users add links to external websites (as in CP SOP) that are affected by malicious code, then the affected website can trick the OpenSpecimen users to reveal the sensitive information and further spread the malicious code.
4. CSV injection: In this attack, disgruntled OpenSpecimen users (Biobank staff) upload specially crafted data that allows them to execute malicious code on other users' computers when the victims export and open the CSV data file.
5. Unrestricted file uploads: In this attack, disgruntled OpenSpecimen users (Biobank staff) upload malicious code files (.exe) that are executed on other users' computers when the victims click or download the file links.
REDCap Integration Improvements
...