Vulnerabilities > Pega > Infinity > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-09-12 CVE-2024-6700 Cross-site Scripting vulnerability in Pega Infinity
Pega Platform versions 8.1 to Infinity 24.1.2 are affected by an XSS issue with App name.
network
low complexity
pega CWE-79
4.8
4.8
2024-09-12 CVE-2024-6701 Cross-site Scripting vulnerability in Pega Infinity
Pega Platform versions 8.1 to Infinity 24.1.2 are affected by an XSS issue with case type.
network
low complexity
pega CWE-79
4.8
4.8
2024-09-12 CVE-2024-6702 Cross-site Scripting vulnerability in Pega Infinity
Pega Platform versions 8.1 to Infinity 24.1.2 are affected by an HTML Injection issue with Stage.
network
low complexity
pega CWE-79
4.8
4.8
2021-04-01 CVE-2021-27653 Unspecified vulnerability in Pega Infinity
Misconfiguration of the Pega Chat Access Group portal in Pega platform 7.4.0 - 8.5.x could lead to unintended data exposure.
network
low complexity
pega
4.9
4.9