CVE-2022-35655
https://notcve.org/view.php?id=CVE-2022-35655
Pega Platform from 7.3 to 8.7.3 is affected by an XSS issue due to a misconfiguration of a datapage setting. Pega Platform versiones desde 7.3 a 8.7.3, está afectada por un problema de tipo XSS debido a una configuración errónea de un ajuste de la página de datos. • https://support.pega.com/support-doc/pega-security-advisory-d22-e22-f22-vulnerabilities-%E2%80%93-hotfix-matrix • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2022-35654
https://notcve.org/view.php?id=CVE-2022-35654
Pega Platform from 8.5.4 to 8.7.3 is affected by an XSS issue with an unauthenticated user and the redirect parameter. Pega Platform versiones desde 8.5.4 a 8.7.3, está afectada por un problema de tipo XSS con un usuario no autenticado y el parámetro de redireccionamiento. • https://support.pega.com/support-doc/pega-security-advisory-d22-e22-f22-vulnerabilities-%E2%80%93-hotfix-matrix • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •