Pegasystems

Pega Platform

11 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.8

CVE-2026-1711

  • EPSS 0.04%
  • Veröffentlicht 15.04.2026 21:32:51
  • Zuletzt bearbeitet 17.04.2026 15:38:09

Pega Platform versions 8.1.0 through 25.1.1 are affected by a Stored Cross-Site Scripting vulnerability in a user interface component. Requires a high privileged user with a developer role.

5.1

CVE-2026-1564

  • EPSS 0.04%
  • Veröffentlicht 15.04.2026 21:31:19
  • Zuletzt bearbeitet 17.04.2026 15:38:09

Pega Platform versions 8.1.0 through 25.1.1 are affected by an HTML Injection vulnerability in a user interface component. Requires a high privileged user with a developer role.

3.4

CVE-2025-62184

  • EPSS 0.03%
  • Veröffentlicht 31.03.2026 17:52:07
  • Zuletzt bearbeitet 03.04.2026 12:49:16

Pega Platform versions 8.1.0 through 25.1.0 are affected by a Stored Cross-site Scripting vulnerability in a user interface component. Requires an administrative user and given extensive access rights, impact to Confidentiality is low and Integrity ...

4.8

CVE-2025-62183

  • EPSS 0.06%
  • Veröffentlicht 17.02.2026 22:53:22
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Pega Platform versions 8.1.0 through 25.1.1 are affected by a Stored Cross-site Scripting vulnerability in a user interface component. Requires an administrative user and given extensive access rights, impact to Confidentiality and Integrity are low...

5.3

CVE-2025-62181

  • EPSS 0.05%
  • Veröffentlicht 10.12.2025 20:41:08
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Pega Platform versions 7.1.0 through Infinity 25.1.0 are affected by a User Enumeration. This issue occurs during user authentication process, where a difference in response time could allow a remote unauthenticated user to determine if a username i...

6.5

CVE-2025-9559

  • EPSS 0.04%
  • Veröffentlicht 16.10.2025 15:28:18
  • Zuletzt bearbeitet 30.10.2025 16:15:26

Pega Platform versions 8.7.5 to Infinity 24.2.2 are affected by a Insecure Direct Object Reference issue in a user interface component that can only be used to read data.

5.4

CVE-2025-8681

  • EPSS 0.03%
  • Veröffentlicht 10.09.2025 16:00:15
  • Zuletzt bearbeitet 29.10.2025 18:14:25

Pega Platform versions 7.1.0 to Infinity 24.2.2 are affected by a Stored XSS issue in a user interface component.  Requires a high privileged user with a developer role.

6.1

CVE-2025-2161

  • EPSS 0.35%
  • Veröffentlicht 14.04.2025 14:19:37
  • Zuletzt bearbeitet 30.10.2025 19:11:54

Pega Platform versions 7.2.1 to Infinity 24.2.1 are affected by an XSS issue with Mashup

6.1

CVE-2025-2160

  • EPSS 0.23%
  • Veröffentlicht 14.04.2025 14:16:34
  • Zuletzt bearbeitet 30.10.2025 19:01:19

Pega Platform versions 8.4.3 to Infinity 24.2.1 are affected by an XSS issue with Mashup

5.4

CVE-2024-12211

  • EPSS 0.25%
  • Veröffentlicht 13.01.2025 17:15:16
  • Zuletzt bearbeitet 29.10.2025 15:22:02

Pega Platform versions 8.1 to Infinity 24.2.0 are affected by an Stored XSS issue with profile.