Описание
Pega Platform versions 7.1 to 8.8.3 are affected by an HTML Injection issue with a name field utilized in Visual Business Director, however this field can only be modified by an authenticated administrative user.
Уязвимые конфигурации
Конфигурация 1Версия от 7.1.0 (включая) до 8.8.3 (включая)
cpe:2.3:a:pega:pega_platform:*:*:*:*:*:*:*:*
EPSS
Процентиль: 18%
0.00058
Низкий
4.3 Medium
CVSS3
4.8 Medium
CVSS3
Дефекты
CWE-74
CWE-79
Связанные уязвимости
CVSS3: 4.3
github
больше 2 лет назад
Pega Platform versions 7.1 to 8.8.3 are affected by an HTML Injection issue with a name field utilized in Visual Business Director, however this field can only be modified by an authenticated administrative user.
EPSS
Процентиль: 18%
0.00058
Низкий
4.3 Medium
CVSS3
4.8 Medium
CVSS3
Дефекты
CWE-74
CWE-79