CVE-2023-50165
- EPSS 0.09%
- Veröffentlicht 31.01.2024 18:15:46
- Zuletzt bearbeitet 21.11.2024 08:36:35
Pega Platform versions 8.2.1 to Infinity 23.1.0 are affected by an Generated PDF issue that could expose file contents.
CVE-2023-50166
- EPSS 0.2%
- Veröffentlicht 31.01.2024 18:15:46
- Zuletzt bearbeitet 21.11.2024 08:36:35
Pega Platform from 8.5.4 to 8.8.3 is affected by an XSS issue with an unauthenticated user and the redirect parameter.
CVE-2023-32087
- EPSS 0.15%
- Veröffentlicht 18.10.2023 12:15:09
- Zuletzt bearbeitet 21.11.2024 08:02:41
Pega Platform versions 8.1 to Infinity 23.1.0 are affected by an XSS issue with task creation
CVE-2023-32088
- EPSS 0.15%
- Veröffentlicht 18.10.2023 12:15:09
- Zuletzt bearbeitet 21.11.2024 08:02:41
Pega Platform versions 8.1 to Infinity 23.1.0 are affected by an XSS issue with ad-hoc case creation
CVE-2023-32089
- EPSS 0.15%
- Veröffentlicht 18.10.2023 12:15:09
- Zuletzt bearbeitet 21.11.2024 08:02:41
Pega Platform versions 8.1 to 8.8.2 are affected by an XSS issue with Pin description
CVE-2019-16374
- EPSS 1.17%
- Veröffentlicht 13.08.2020 13:15:16
- Zuletzt bearbeitet 21.11.2024 04:30:35
Pega Platform 8.2.1 allows LDAP injection because a username can contain a * character and can be of unlimited length. An attacker can specify four characters of a username, followed by the * character, to bypass access control.
CVE-2020-8775
- EPSS 0.54%
- Veröffentlicht 29.04.2020 16:15:11
- Zuletzt bearbeitet 21.11.2024 05:39:24
Pega Platform before version 8.2.6 is affected by a Stored Cross-Site Scripting (XSS) vulnerability in the comment tags.
CVE-2020-8773
- EPSS 0.54%
- Veröffentlicht 29.04.2020 15:15:11
- Zuletzt bearbeitet 21.11.2024 05:39:24
The Richtext Editor in Pega Platform before 8.2.6 is affected by a Stored Cross-Site Scripting (XSS) vulnerability.