An arbitrary file-write vulnerability in Pega Browser Extension (PBE) affects Pega Robot Studio developers who are automating Google Chrome and Microsoft Edge using either version 22.1 or R25.

An arbitrary file-write vulnerability in Pega Browser Extension (PBE) affects Pega Robot Studio developers who are automating Google Chrome and Microsoft Edge using either version 22.1 or R25. This vulnerability does not affect Robot Runtime users. A bad actor could create a website that includes malicious code. The vulnerability may be exploited if a Pega Robot Studio developer is deceived into visiting this website during interrogation mode in Robot Studio.

N/A

访问控制不恰当

Pegasystems Pega Robot Studio 安全漏洞

Pegasystems Pega Robot Studio是美国Pegasystems公司的一个RPA（机器人流程自动化）集成开发环境。 Pegasystems Pega Robot Studio存在安全漏洞，该漏洞源于存在任意文件写入，可能导致攻击者创建包含恶意代码的网站，并在Robot Studio的询问模式下欺骗开发者访问以利用该漏洞。

N/A

N/A