CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-10094
https://notcve.org/view.php?id=CVE-2024-10094
Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue with Improper Control of Generation of Code Las versiones 6.x a Infinity 24.1.1 de Pega Platform se ven afectadas por un problema con el control inadecuado de la generación de código • https://support.pega.com/support-doc/pega-security-advisory-d24-vulnerability-remediation-note • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6702
https://notcve.org/view.php?id=CVE-2024-6702
Pega Platform versions 8.1 to Infinity 24.1.2 are affected by an HTML Injection issue with Stage. • https://support.pega.com/support-doc/pega-security-advisory-c24-vulnerability-remediation-note • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6701
https://notcve.org/view.php?id=CVE-2024-6701
Pega Platform versions 8.1 to Infinity 24.1.2 are affected by an XSS issue with case type. • https://support.pega.com/support-doc/pega-security-advisory-c24-vulnerability-remediation-note • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6700
https://notcve.org/view.php?id=CVE-2024-6700
Pega Platform versions 8.1 to Infinity 24.1.2 are affected by an XSS issue with App name. • https://support.pega.com/support-doc/pega-security-advisory-c24-vulnerability-remediation-note • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •