CVE-2025-62183
- EPSS 0.06%
- Veröffentlicht 17.02.2026 22:53:22
- Zuletzt bearbeitet 18.02.2026 17:51:53
Pega Platform versions 8.1.0 through 25.1.1 are affected by a Stored Cross-site Scripting vulnerability in a user interface component. Requires an administrative user and given extensive access rights, impact to Confidentiality and Integrity are low...
CVE-2025-62181
- EPSS 0.05%
- Veröffentlicht 10.12.2025 20:41:08
- Zuletzt bearbeitet 12.12.2025 15:18:13
Pega Platform versions 7.1.0 through Infinity 25.1.0 are affected by a User Enumeration. This issue occurs during user authentication process, where a difference in response time could allow a remote unauthenticated user to determine if a username i...
CVE-2025-9559
- EPSS 0.05%
- Veröffentlicht 16.10.2025 15:28:18
- Zuletzt bearbeitet 30.10.2025 16:15:26
Pega Platform versions 8.7.5 to Infinity 24.2.2 are affected by a Insecure Direct Object Reference issue in a user interface component that can only be used to read data.
CVE-2025-8681
- EPSS 0.02%
- Veröffentlicht 10.09.2025 16:00:15
- Zuletzt bearbeitet 29.10.2025 18:14:25
Pega Platform versions 7.1.0 to Infinity 24.2.2 are affected by a Stored XSS issue in a user interface component. Requires a high privileged user with a developer role.
CVE-2025-2161
- EPSS 0.21%
- Veröffentlicht 14.04.2025 14:19:37
- Zuletzt bearbeitet 30.10.2025 19:11:54
Pega Platform versions 7.2.1 to Infinity 24.2.1 are affected by an XSS issue with Mashup
CVE-2025-2160
- EPSS 0.21%
- Veröffentlicht 14.04.2025 14:16:34
- Zuletzt bearbeitet 30.10.2025 19:01:19
Pega Platform versions 8.4.3 to Infinity 24.2.1 are affected by an XSS issue with Mashup
CVE-2024-12211
- EPSS 0.25%
- Veröffentlicht 13.01.2025 17:15:16
- Zuletzt bearbeitet 29.10.2025 15:22:02
Pega Platform versions 8.1 to Infinity 24.2.0 are affected by an Stored XSS issue with profile.
CVE-2023-50168
- EPSS 0.14%
- Veröffentlicht 14.03.2024 16:15:49
- Zuletzt bearbeitet 10.03.2025 15:22:26
Pega Platform from 6.x to 8.8.4 is affected by an XXE issue with PDF Generation.