Vulnerabilidades em Pegasystems
41 resultadosCVE-2023-32087MEDIUM
Pega Platform versions 8.1 to Infinity 23.1.0 are affected by an XSS issue with task creation
EPSS 0.3%CVE-2023-32088MEDIUM
Pega Platform versions 8.1 to Infinity 23.1.0 are affected by an XSS issue with ad-hoc case creation
EPSS 0.3%CVE-2023-50167MEDIUMPega Platform from 7.1.7 to 23.1.1 is affected by an XSS issue with editing/rendering user html content.EPSS 0.3%CVE-2023-32089MEDIUM
Pega Platform versions 8.1 to 8.8.2 are affected by an XSS issue with Pin description
EPSS 0.3%CVE-2023-4843MEDIUMPega Platform versions 7.1 to 8.8.3 are affected by an HTML Injection issue with a name field utilized in Visual Business Director, however EPSS 0.3%CVE-2022-35656MEDIUMPega Platform from 8.3 to 8.7.3 vulnerability may allow authenticated security administrators to alter CSRF settings directly.EPSS 0.3%CVE-2026-1079MEDIUMA native messaging host vulnerability in Pega Browser Extension (PBE) affects users of all versions of Pega Robotic Automation who have installed Pega Browser Extension.EPSS 0.3%CVE-2025-62184MEDIUMPega Platform versions 8.1.0 through 25.1.0 are affected by a Stored Cross-site Scripting vulnerability in a user interface component.EPSS 0.3%CVE-2025-62183MEDIUMPega Platform versions 8.1.0 through 25.1.1 are affected by a Stored Cross-site Scripting vulnerability in a user interface component. Requires an administrative user and given extensive access rights, impact to Confidentiality and Integrity are low.EPSS 0.3%CVE-2025-62182MEDIUMPega Customer Service Framework versions 8.7.0 through 25.1.0 are affected by a Unrestricted file upload vulnerability, where a privileged user could potentially upload a malicious file.EPSS 0.2%CVE-2024-6701MEDIUMPega Platform versions 8.1 to Infinity 24.1.2 are affected by an XSS issue with case type.EPSS 0.2%CVE-2024-6700MEDIUMPega Platform versions 8.1 to Infinity 24.1.2 are affected by an XSS issue with App name.EPSS 0.2%CVE-2024-6702MEDIUMPega Platform versions 8.1 to Infinity 24.1.2 are affected by an HTML Injection issue with Stage.EPSS 0.2%CVE-2025-2160HIGHPega Platform versions 8.4.3 to Infinity 24.2.1 are affected by an XSS issue with MashupEPSS 0.2%CVE-2025-2161HIGHPega Platform versions 7.2.1 to Infinity 24.2.1 are affected by an XSS issue with MashupEPSS 0.2%CVE-2025-62180HIGHPega Platform versions 8.3.0 through Infinity 25.1.2 are affected by an authorization weakness that may allow authenticated users to access certain additional data via crafted URLs.EPSS 0.2%CVE-2024-10716MEDIUMPega Platform versions 8.1 to Infinity 24.2.0 are affected by an XSS issue with search.EPSS 0.2%CVE-2026-1711MEDIUMPega Platform versions 8.1.0 through 25.1.1 are affected by a Stored Cross-Site Scripting vulnerability in a user interface component. Requires a high privileged user with a developer role.EPSS 0.2%CVE-2026-1564MEDIUMPega Platform versions 8.1.0 through 25.1.1 are affected by an HTML Injection vulnerability in a user interface component. Requires a high privileged user with a developer role.EPSS 0.2%CVE-2025-8681MEDIUMPega Platform versions 7.1.0 to Infinity 24.2.2 are affected by a Stored XSS issue in a user interface componentEPSS 0.2%