CVE-2022-35654

Summary

Pega Platform from 8.5.4 to 8.7.3 is affected by an XSS issue with an unauthenticated user and the redirect parameter.

Affected Software

VendorProductVersion RangeStatus
PegasystemsPega Infinity8.5.4 < unspecifiedaffected
PegasystemsPega Infinityunspecified < 8.7.3affected

Weaknesses

  • CWE-79: CWE-79: Cross-Site Scripting

ADP Enrichment

CVE Program Container

Additional References

References