HIGH✓ PATCH🇬🇧 English

CVE-2023-50168

CVSS 7.7v3.1pub. 2024-03-14upd. 2025-03-10

Pega Platform from 6.x to 8.8.4 is affected by an XXE issue with PDF Generation.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
  • Pega Platform

    APP
    Pega
    < 8.8.5
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
XXE
CWE
Referencje

Powiązane podatności

CVE-2023-32090CRITICAL9.8ten sam produkt

Pega platform clients who are using versions 6.1 through 7.3.1 may be utilizing default credentials

CVE-2020-15390CRITICAL9.8ten sam produkt

pyActivity in Pega Platform 8.4.0.237 has a security misconfiguration that leads to an improper access control...

CVE-2025-2161HIGH7.1ten sam produkt

Pega Platform versions 7.2.1 to Infinity 24.2.1 are affected by an XSS issue with Mashup

CVE-2025-2160HIGH8.1ten sam produkt

Pega Platform versions 8.4.3 to Infinity 24.2.1 are affected by an XSS issue with Mashup

CVE-2023-28094HIGH8.1ten sam produkt

Pega platform clients who are using versions 7.4 through 8.8.x and have upgraded from a version prior to 8.x m...

CVE-2023-50168 — HIGH 7.7 | CVEbaza.pl