4 matches found
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in PEGA Platform 7.2 ML0 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 PATHINFO to the main page; the 2 beanReference parameter to the JavaBean viewer page; or the 3 pyTableName to the System database schema...
CVE-2017-11355
Multiple cross-site scripting XSS vulnerabilities in PEGA Platform 7.2 ML0 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 PATHINFO to the main page; the 2 beanReference parameter to the JavaBean viewer page; or the 3 pyTableName to the System database schema...
CVE-2017-11355
Pegasystems PEGA Platform 7.2 ML0 and earlier are affected by multiple XSS vulnerabilities (CVE-2017-11355) allowing remote attackers to inject arbitrary scripts via PATH_INFO, the JavaBean viewer beanReference, or pyTableName on the System database schema modification page; CVE-2017-11356 also a...
PEGA Platform 7.2 ML0 - Missing Access Control Cross-Site Scripting
PEGA Platform 7.2 ML0 - Missing Access Control Cross-Site Scripting Summary ======= 1. Missing access control CVE-2017-11356 2. Multiple cross-site scripting CVE-2017-11355 Vendor ====== "Pegasystems Inc. is the leader in software for customer engagement and operational excellence. Pega’s adaptiv...