Pega Platform Security Vulnerabilities and Issues — Pega Platform CVE List

Lucene search

PegaPega Platform

3 matches found

CVE•added 2020/12/15 9:15 p.m.•46 views

CVE-2020-23957

Pega Platform through 8.4.x is affected by Cross Site Scripting (XSS) via the ConnectionID parameter, as demonstrated by a pyActivity=Data-TRACERSettings.pzStartTracerSession request to a PRAuth URI.

6.1CVSS6AI score0.0024EPSS

CVE•added 2020/04/29 3:15 p.m.•42 views

CVE-2020-8774

Pega Platform before version 8.2.6 is affected by a Reflected Cross-Site Scripting vulnerability in the "ActionStringID" function.

8.8CVSS7.9AI score0.00528EPSS

CVE•added 2020/11/09 2:15 p.m.•35 views

CVE-2020-24353

Pega Platform before 8.4.0 has a XSS issue via stream rule parameters used in the request header.

6.1CVSS6AI score0.00312EPSS