CVSS: 5.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6702
https://notcve.org/view.php?id=CVE-2024-6702
Pega Platform versions 8.1 to Infinity 24.1.2 are affected by an HTML Injection issue with Stage. • https://support.pega.com/support-doc/pega-security-advisory-c24-vulnerability-remediation-note • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6701
https://notcve.org/view.php?id=CVE-2024-6701
Pega Platform versions 8.1 to Infinity 24.1.2 are affected by an XSS issue with case type. • https://support.pega.com/support-doc/pega-security-advisory-c24-vulnerability-remediation-note • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6700
https://notcve.org/view.php?id=CVE-2024-6700
Pega Platform versions 8.1 to Infinity 24.1.2 are affected by an XSS issue with App name. • https://support.pega.com/support-doc/pega-security-advisory-c24-vulnerability-remediation-note • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •