What the vulnerability does
01Description
Pega Platform versions 8.1 to Infinity 24.2.0 are affected by an XSS issue with search.
CVSS base score
5.9/10
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N
Key dates
02Disclosure timeline
December 5, 2024
CVE published
December 5, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2026-9377 SourceCodester SUP Online Shopping productedit.php cross site scripting
CVE-2025-46935 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)
CVE-2025-23674 WordPress Bit.ly linker plugin <= 1.1 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2023-5244 Cross-site Scripting (XSS) - Reflected in microweber/microweber
CVE-2023-31159 Improper Neutralization of Input During Web Page Generation
