Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Pega Infinity — Vulnerabilities & Security Advisories 25

All 25 CVE vulnerabilities found in Pega Infinity, with AI-generated Chinese analysis, references, and POCs.

Vendor: Pegasystems

CVE IDTitleCVSSSeverityPublished
CVE-2026-1711 Pega Platform versions 8.1.0 through 25.1.1 are affected by a Stored Cross-Site Scripting vulnerability in a user interface component. Requires a high privileged user with a developer role. CWE-79 4.8 -2026-04-15
CVE-2026-1564 Pega Platform versions 8.1.0 through 25.1.1 are affected by an HTML Injection vulnerability in a user interface component. Requires a high privileged user with a developer role. CWE-80 5.5 -2026-04-15
CVE-2025-62184 Pega Platform versions 8.1.0 through 25.1.0 are affected by a Stored Cross-site Scripting vulnerability in a user interface component. CWE-79 4.8AIMediumAI2026-03-31
CVE-2025-62183 Pega Platform versions 8.1.0 through 25.1.1 are affected by a Stored Cross-site Scripting vulnerability in a user interface component. Requires an administrative user and given extensive access rights, impact to Confidentiality and Integrity are low. CWE-79 4.8AIMediumAI2026-02-17
CVE-2025-62182 Pega Customer Service Framework versions 8.7.0 through 25.1.0 are affected by a Unrestricted file upload vulnerability, where a privileged user could potentially upload a malicious file. CWE-434 7.2AIHighAI2026-01-13
CVE-2025-62181 Pega Platform versions 7.1.0 through Infinity 25.1.0 are affected by a User Enumeration where during user authentication process, a difference in response time could allow a remote unauthenticated user to determine if a username is valid or not. CWE-204 5.3 Medium2025-12-10
CVE-2025-9559 Pega Platform versions 8.7.5 to Infinity 24.2.2 are affected by a Insecure Direct Object Reference issue in a user interface component that can only be used to read data CWE-639 6.5 Medium2025-10-16
CVE-2025-8681 Pega Platform versions 7.1.0 to Infinity 24.2.2 are affected by a Stored XSS issue in a user interface component CWE-79 5.5 Medium2025-09-10
CVE-2025-2161 Pegasystem Pega Platform 安全漏洞 CWE-79 7.1 High2025-04-14
CVE-2025-2160 Pegasystem Pega Platform 安全漏洞 CWE-79 8.1 High2025-04-14
CVE-2024-12211 Pegasystem PEGA Platform 安全漏洞 CWE-79 5.4 Medium2025-01-13
CVE-2024-10716 Pegasystem PEGA Platform 安全漏洞 CWE-79 5.9 Medium2024-12-05
CVE-2024-10094 Pegasystem PEGA Platform 安全漏洞 CWE-94 9.1 Critical2024-11-20
CVE-2024-6702 Pegasystem PEGA Platform 安全漏洞 CWE-74 5.2 Medium2024-09-12
CVE-2024-6701 Pegasystem PEGA Platform 安全漏洞 CWE-79 5.5 Medium2024-09-12
CVE-2024-6700 Pegasystem PEGA Platform 安全漏洞 CWE-79 5.5 Medium2024-09-12
CVE-2023-26465 Pegasystem PEGA Platform 跨站脚本漏洞 CWE-79 6.1 -2023-06-09
CVE-2022-35656 Pegasystem PEGA Platform 跨站请求伪造漏洞 CWE-352 4.5 -2022-08-22
CVE-2022-35655 Pegasystem PEGA Platform 跨站脚本漏洞 CWE-79 6.1 -2022-08-22
CVE-2022-35654 Pegasystem PEGA Platform 跨站脚本漏洞 CWE-79 6.1 -2022-08-22
CVE-2022-24083 Pegasystem Pega 安全漏洞 CWE-285 8.4 -2022-07-25
CVE-2022-24082 Pegasystem PEGA Platform 代码问题漏洞 CWE-502 9.8 -2022-07-19
CVE-2021-27654 Pegasystems Pega 授权问题漏洞 CWE-640 7.8 -2022-01-28
CVE-2021-27651 PEGA pega infinity 授权问题漏洞 CWE-287 7.8 -2021-04-29
CVE-2021-27653 Pegasystem PEGA Platform 访问控制错误漏洞 CWE-284 6.6 Medium2021-04-01

All 25 known CVE vulnerabilities affecting Pega Infinity with full Chinese analysis, references, and POCs where available.