Vulnerabilities > Pega > Pega Platform > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-29 | CVE-2020-8774 | Cross-site Scripting vulnerability in Pega Platform Pega Platform before version 8.2.6 is affected by a Reflected Cross-Site Scripting vulnerability in the "ActionStringID" function. | 8.8 |
| 2019-11-26 | CVE-2019-16387 | Exposure of Resource to Wrong Sphere vulnerability in Pega Platform 8.3 PEGA Platform 8.3.0 is vulnerable to a direct prweb/sso/random_token/!STANDARD?pyActivity=Data-Admin-DB-Name.DBSchema_ListDatabases request while using a low-privilege account. | 8.1 |