pega pega_platform の CVE(27 件)

CVE 件数: 27 CPE versions: View versions table

概要

本ページは pega pega_platform に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。

表示中 120 / 27 CVE 件数
«« 先頭 « 前へ 1 / 2 次へ »
CVE 概要 ソース CVSS 最大値 EPSS(%) 公開 更新
CVE-2026-1711 Pega Platform versions 8.1.0 through 25.1.1 are affected by a Stored Cross-Site Scripting vulnerability in a user interface component. Requires a high privileged user with a developer role. [email protected] 4.8 0.19% 2026-04-15 2026-06-17
CVE-2026-1564 Pega Platform versions 8.1.0 through 25.1.1 are affected by an HTML Injection vulnerability in a user interface component. Requires a high privileged user with a developer role. [email protected] 5.1 0.19% 2026-04-15 2026-06-17
CVE-2025-62184 Pega Platform versions 8.1.0 through 25.1.0 are affected by a Stored Cross-site Scripting vulnerability in a user interface component. Requires an administrative user and given extensive access rights, impact to Confidentiality is low and Integrity is none. [email protected] 4.8 0.26% 2026-03-31 2026-06-17
CVE-2025-9559 Pega Platform versions 8.7.5 to Infinity 24.2.2 are affected by a Insecure Direct Object Reference issue in a user interface component that can only be used to read data. [email protected] 6.5 0.37% 2025-10-16 2026-06-17
CVE-2025-8681 Pega Platform versions 7.1.0 to Infinity 24.2.2 are affected by a Stored XSS issue in a user interface component.  Requires a high privileged user with a developer role. [email protected] 5.5 0.18% 2025-09-10 2026-06-17
CVE-2025-2161 Pega Platform versions 7.2.1 to Infinity 24.2.1 are affected by an XSS issue with Mashup [email protected] 7.1 0.21% 2025-04-14 2026-06-17
CVE-2025-2160 Pega Platform versions 8.4.3 to Infinity 24.2.1 are affected by an XSS issue with Mashup [email protected] 8.1 0.22% 2025-04-14 2026-06-17
CVE-2024-12211 Pega Platform versions 8.1 to Infinity 24.2.0 are affected by an Stored XSS issue with profile. [email protected] 5.4 0.34% 2025-01-13 2026-06-17
CVE-2023-50168 Pega Platform from 6.x to 8.8.4 is affected by an XXE issue with PDF Generation. [email protected] 7.7 0.39% 2024-03-14 2026-06-17
CVE-2023-50167 Pega Platform from 7.1.7 to 23.1.1 is affected by an XSS issue with editing/rendering user html content. [email protected] 5.4 0.30% 2024-03-06 2026-06-17
CVE-2023-4843 Pega Platform versions 7.1 to 8.8.3 are affected by an HTML Injection issue with a name field utilized in Visual Business Director, however this field can only be modified by an authenticated administrative user. [email protected] 4.3 0.29% 2023-09-08 2026-06-17
CVE-2023-32090 Pega platform clients who are using versions 6.1 through 7.3.1 may be utilizing default credentials [email protected] 9.8 0.52% 2023-08-07 2026-06-17
CVE-2023-28094 Pega platform clients who are using versions 7.4 through 8.8.x and have upgraded from a version prior to 8.x may be utilizing default credentials. [email protected] 8.1 0.53% 2023-06-22 2026-06-17
CVE-2023-26465 Pega Platform versions 7.2 to 8.8.1 are affected by an XSS issue. [email protected] 6.1 0.44% 2023-06-09 2026-06-17
CVE-2022-35656 Pega Platform from 8.3 to 8.7.3 vulnerability may allow authenticated security administrators to alter CSRF settings directly. [email protected] 4.5 0.28% 2022-08-22 2026-06-17
CVE-2022-35655 Pega Platform from 7.3 to 8.7.3 is affected by an XSS issue due to a misconfiguration of a datapage setting. [email protected] 6.1 0.39% 2022-08-22 2026-06-17
CVE-2022-35654 Pega Platform from 8.5.4 to 8.7.3 is affected by an XSS issue with an unauthenticated user and the redirect parameter. [email protected] 6.1 0.42% 2022-08-22 2026-06-17
CVE-2020-15390 pyActivity in Pega Platform 8.4.0.237 has a security misconfiguration that leads to an improper access control vulnerability via =GetWebInfo. [email protected] 9.8 1.35% 2021-04-12 2026-06-16
CVE-2020-23957 Pega Platform through 8.4.x is affected by Cross Site Scripting (XSS) via the ConnectionID parameter, as demonstrated by a pyActivity=Data-TRACERSettings.pzStartTracerSession request to a PRAuth URI. [email protected] 6.1 0.68% 2020-12-15 2026-06-16
CVE-2020-24353 Pega Platform before 8.4.0 has a XSS issue via stream rule parameters used in the request header. [email protected] 6.1 0.64% 2020-11-09 2026-06-16
«« 先頭 « 前へ 1 / 2 次へ »
cvelogic Threat Intelligence