Lucene search
+L

442 matches found

Nuclei
Nuclei
added yesterday153 views

Pega Infinity - Authentication Bypass

Pega Infinity versions 8.2.1 through 8.5.2 contain an authentication bypass vulnerability because the password reset functionality for local accounts can be used to bypass local authentication checks. id: CVE-2021-27651 info: name: Pega Infinity - Authentication Bypass author: idealphase,daffainf...

9.8CVSS8.4AI score0.53841EPSS
Exploits1References5
NVD
NVD
added 4 days ago4 views

CVE-2026-1562

Pega Platform versions 8.1.0 through 25.1.2 are affected by an Stored Cross-site scripting XSS vulnerability in a user interface component. Requires a high privileged user with a developer role...

4.6CVSS0.00304EPSS
Exploits0References1
NVD
NVD
added 4 days ago4 views

CVE-2026-1563

Pega Platform versions 8.1.0 through 25.1.2 are affected by an Reflected Cross-site scripting XSS vulnerability in a user interface component. Requires a high privileged user with a developer role...

4.8CVSS0.00304EPSS
Exploits0References1
Cvelist
Cvelist
added 4 days ago35 views

CVE-2026-1563 Pega Platform versions 8.1.0 through 25.1.2 are affected by an Reflected Cross-site scripting (XSS) vulnerability in a user interface component. Requires a high privileged user with a developer role.

Pega Platform versions 8.1.0 through 25.1.2 are affected by an Reflected Cross-site scripting XSS vulnerability in a user interface component. Requires a high privileged user with a developer role...

4.8CVSS0.00304EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 4 days ago4 views

CVE-2026-1563

Pega Platform versions 8.1.0 through 25.1.2 are affected by an Reflected Cross-site scripting XSS vulnerability in a user interface component. Requires a high privileged user with a developer role...

4.8CVSS6.1AI score0.00304EPSS
Exploits0References2Affected Software1
CVE
CVE
added 4 days ago14 views

CVE-2026-1563

Pega Platform versions 8.1.0–25.1.2 are affected by a reflected XSS in a UI component. Exploitation requires a high-privilege user with a developer role; impact is limited to the affected UI context. CVSS 4.8 (MEDIUM) with low confidentiality/integrity impact and no availability impact. No exploi...

4.8CVSS6.1AI score0.00304EPSS
Exploits0References1
EUVD
EUVD
added 4 days ago5 views

EUVD-2026-44727

Pega Platform versions 8.1.0 through 25.1.2 are affected by an Reflected Cross-site scripting XSS vulnerability in a user interface component. Requires a high privileged user with a developer role...

4.8CVSS6.1AI score0.00304EPSS
Exploits0References1
Cvelist
Cvelist
added 4 days ago35 views

CVE-2026-1562 Pega Platform versions 8.1.0 through 25.1.2 are affected by an Stored Cross-site scripting (XSS) vulnerability in a user interface component. Requires a high privileged user with a developer role.

Pega Platform versions 8.1.0 through 25.1.2 are affected by an Stored Cross-site scripting XSS vulnerability in a user interface component. Requires a high privileged user with a developer role...

4.6CVSS0.00304EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 4 days ago4 views

CVE-2026-1562

Pega Platform versions 8.1.0 through 25.1.2 are affected by an Stored Cross-site scripting XSS vulnerability in a user interface component. Requires a high privileged user with a developer role...

4.6CVSS6.1AI score0.00304EPSS
Exploits0References2Affected Software1
CVE
CVE
added 4 days ago11 views

CVE-2026-1562

The CVE-2026-1562 entry concerns Pega Platform versions 8.1.0 through 25.1.2 with a Stored Cross‑site Scripting (XSS) vulnerability in a user interface component. The flaw arises in a UI component and requires a high-privilege user with a developer role to exploit. Affected versions and impact ar...

4.6CVSS6.1AI score0.00304EPSS
Exploits0References1
EUVD
EUVD
added 4 days ago5 views

EUVD-2026-44726

Pega Platform versions 8.1.0 through 25.1.2 are affected by an Stored Cross-site scripting XSS vulnerability in a user interface component. Requires a high privileged user with a developer role...

4.6CVSS6.1AI score0.00304EPSS
Exploits0References1
NVD
NVD
added 2026/06/23 4:16 p.m.16 views

CVE-2025-62180

Pega Platform versions 8.3.0 through Infinity 25.1.2 are affected by an authorization weakness that may allow authenticated users to access certain additional data via crafted URLs...

7.1CVSS0.00215EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/23 2:48 p.m.38 views

CVE-2025-62180 Pega Platform versions 8.3.0 through Infinity 25.1.2 are affected by an authorization weakness that may allow authenticated users to access certain additional data via crafted URLs.

Pega Platform versions 8.3.0 through Infinity 25.1.2 are affected by an authorization weakness that may allow authenticated users to access certain additional data via crafted URLs...

7.1CVSS0.00215EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/23 2:48 p.m.19 views

EUVD-2025-210309

Pega Platform versions 8.3.0 through Infinity 25.1.2 are affected by an authorization weakness that may allow authenticated users to access certain additional data via crafted URLs...

7.1CVSS5.8AI score0.00215EPSS
Exploits0References2
CVE
CVE
added 2026/06/23 2:48 p.m.23 views

CVE-2025-62180

The CVE concerns Pega Platform versions 8.3.0 through Infinity 25.1.2, affected by an authorization weakness that may let authenticated users access additional data via crafted URLs. The vulnerability is described with a high impact on confidentiality (VULNERABLE SYSTEM CONFIDENTIALITY: HIGH) and...

7.1CVSS5.8AI score0.00215EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/16 12:54 a.m.8 views

EUVD-2026-23112

Pega Platform versions 8.1.0 through 25.1.1 are affected by an HTML Injection vulnerability in a user interface component. Requires a high privileged user with a developer role...

5.1CVSS5.8AI score0.00187EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/16 12:54 a.m.5 views

EUVD-2026-23114

Pega Platform versions 8.1.0 through 25.1.1 are affected by a Stored Cross-Site Scripting vulnerability in a user interface component. Requires a high privileged user with a developer role...

4.8CVSS5.8AI score0.00187EPSS
Exploits0References2
NVD
NVD
added 2026/04/15 10:16 p.m.8 views

CVE-2026-1564

Pega Platform versions 8.1.0 through 25.1.1 are affected by an HTML Injection vulnerability in a user interface component. Requires a high privileged user with a developer role...

5.1CVSS0.00187EPSS
Exploits0References1
NVD
NVD
added 2026/04/15 10:16 p.m.7 views

CVE-2026-1711

Pega Platform versions 8.1.0 through 25.1.1 are affected by a Stored Cross-Site Scripting vulnerability in a user interface component. Requires a high privileged user with a developer role...

4.8CVSS0.00187EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/15 9:32 p.m.7 views

CVE-2026-1711

Pega Platform versions 8.1.0 through 25.1.1 are affected by a Stored Cross-Site Scripting vulnerability in a user interface component. Requires a high privileged user with a developer role...

4.8CVSS5.8AI score0.00187EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder