4 results (0.011 seconds)

CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0

Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue with Improper Control of Generation of Code Las versiones 6.x a Infinity 24.1.1 de Pega Platform se ven afectadas por un problema con el control inadecuado de la generación de código • https://support.pega.com/support-doc/pega-security-advisory-d24-vulnerability-remediation-note • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 5.2EPSS: 0%CPEs: 1EXPL: 0

Pega Platform versions 8.1 to Infinity 24.1.2 are affected by an HTML Injection issue with Stage. • https://support.pega.com/support-doc/pega-security-advisory-c24-vulnerability-remediation-note • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

Pega Platform versions 8.1 to Infinity 24.1.2 are affected by an XSS issue with case type. • https://support.pega.com/support-doc/pega-security-advisory-c24-vulnerability-remediation-note • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

Pega Platform versions 8.1 to Infinity 24.1.2 are affected by an XSS issue with App name. • https://support.pega.com/support-doc/pega-security-advisory-c24-vulnerability-remediation-note • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •