Export CSV

Products

1 vendor
VendorProductsCVEsKEVAvg EPSSWorst Severity
448031.1%CRITICAL

Related CVEs

48
CVE IDDescriptionSeverityCVSSKEVEPSSPublished
CVE-2026-1711Pega Platform versions 8.1.0 through 25.1.1 are affected by a Stored Cross-Site Scripting vulnerability in a user interface component. Requires a high privileged user with a developer role.MEDIUM4.88.5%Apr 15, 2026
CVE-2026-1564Pega Platform versions 8.1.0 through 25.1.1 are affected by an HTML Injection vulnerability in a user interface component. Requires a high privileged user with a developer role.MEDIUM5.18.5%Apr 15, 2026
CVE-2025-62184Pega Platform versions 8.1.0 through 25.1.0 are affected by a Stored Cross-site Scripting vulnerability in a user interface component. Requires an administrative user and given extensive access rights, impact to Confidentiality is low and Integrity is none.MEDIUM4.817.1%Mar 31, 2026
CVE-2025-9559Pega Platform versions 8.7.5 to Infinity 24.2.2 are affected by a Insecure Direct Object Reference issue in a user interface component that can only be used to read data.MEDIUM6.528.6%Oct 16, 2025
CVE-2025-8681Pega Platform versions 7.1.0 to Infinity 24.2.2 are affected by a Stored XSS issue in a user interface component.  Requires a high privileged user with a developer role.MEDIUM5.47.9%Sep 10, 2025
CVE-2025-2161Pega Platform versions 7.2.1 to Infinity 24.2.1 are affected by an XSS issue with MashupMEDIUM6.112.7%Apr 14, 2025
CVE-2025-2160Pega Platform versions 8.4.3 to Infinity 24.2.1 are affected by an XSS issue with MashupMEDIUM6.112.7%Apr 14, 2025
CVE-2024-12211Pega Platform versions 8.1 to Infinity 24.2.0 are affected by an Stored XSS issue with profile.MEDIUM5.422.2%Jan 13, 2025
CVE-2024-10716Pega Platform versions 8.1 to Infinity 24.2.0 are affected by an XSS issue with search.MEDIUM4.810.9%Dec 5, 2024
CVE-2024-10094Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue with Improper Control of Generation of CodeCRITICAL9.836.7%Nov 20, 2024
CVE-2024-6702Pega Platform versions 8.1 to Infinity 24.1.2 are affected by an HTML Injection issue with Stage.MEDIUM4.815.5%Sep 12, 2024
CVE-2024-6701Pega Platform versions 8.1 to Infinity 24.1.2 are affected by an XSS issue with case type.MEDIUM4.815.5%Sep 12, 2024
CVE-2024-6700Pega Platform versions 8.1 to Infinity 24.1.2 are affected by an XSS issue with App name.MEDIUM4.815.5%Sep 12, 2024
CVE-2023-50168Pega Platform from 6.x to 8.8.4 is affected by an XXE issue with PDF Generation.HIGH7.731.1%Mar 14, 2024
CVE-2023-50167Pega Platform from 7.1.7 to 23.1.1 is affected by an XSS issue with editing/rendering user html content.MEDIUM6.121.5%Mar 6, 2024
CVE-2023-50166Pega Platform from 8.5.4 to 8.8.3 is affected by an XSS issue with an unauthenticated user and the redirect parameter.MEDIUM6.125.4%Jan 31, 2024
CVE-2023-50165Pega Platform versions 8.2.1 to Infinity 23.1.0 are affected by an Generated PDF issue that could expose file contents.HIGH8.625.6%Jan 31, 2024
CVE-2023-32089 Pega Platform versions 8.1 to 8.8.2 are affected by an XSS issue with Pin description MEDIUM6.121.5%Oct 18, 2023
CVE-2023-32088 Pega Platform versions 8.1 to Infinity 23.1.0 are affected by an XSS issue with ad-hoc case creation MEDIUM6.121.5%Oct 18, 2023
CVE-2023-32087 Pega Platform versions 8.1 to Infinity 23.1.0 are affected by an XSS issue with task creation MEDIUM6.121.5%Oct 18, 2023