CVE-2019-16386
PEGA Platform 7.x and 8.x is vulnerable to Information disclosure via a direct prweb/sso/randomtoken/!STANDARD?pyActivity=GetWebInfo&target=popup&pzHarnessID=randomharnessid request to get database schema information while using a low-privilege account. NOTE: The vendor states that this...