Vulnerabilities > Pega > Infinity > 8.7.6

DATE CVE VULNERABILITY TITLE RISK
2024-12-05 CVE-2024-10716 Cross-site Scripting vulnerability in Pega Infinity
Pega Platform versions 8.1 to Infinity 24.2.0 are affected by an XSS issue with search.
network
low complexity
pega CWE-79
4.8
4.8
2024-11-20 CVE-2024-10094 Code Injection vulnerability in Pega Infinity
Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue with Improper Control of Generation of Code
network
low complexity
pega CWE-94
critical
 9.8
9.8