CVE-2023-32088 MEDIUM

CVE-2023-32088

Vendor Pegasystems

Product Pega Platform

Weakness CWE-79 · XSS

Published October 18, 2023

Last update September 12, 2024

View on NVD All CVEs

CVSS base score

4.6/10

Attack vector Network

Attack complexity Low

Privileges required Low

User interaction Required

Confidentiality Low

Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

What the vulnerability does

01Description

Pega Platform versions 8.1 to Infinity 23.1.0 are affected by an XSS issue with ad-hoc case creation

Key dates

02Disclosure timeline

October 18, 2023 CVE published

September 12, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-32088 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/79.html

Related vulnerabilities

04Related CVE

CVE-2024-8152 SourceCodester QR Code Bookmark System Parameter add-bookmark.php cross site scripting CVE-2024-35688 WordPress Master Addons for Elementor plugin <= 2.0.5.9 - Cross Site Scripting (XSS) vulnerability CVE-2023-43710 Os Commerce 4.12.56860 - Cross Site Scripting Reflected (XSS) CVE-2024-6296 Stackable – Page Builder Gutenberg Blocks <= 3.13.1 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting CVE-2025-34032 Moodle LMS Jmol Plugin Cross-site Scripting (XSS)