Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (44 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-17478 1 Pega 1 Pega Platform 2024-11-21 N/A
An XSS issue was discovered in Designer Studio in Pegasystems Pega Platform 7.1.7, 7.1.8, 7.1.9, 7.1.10, 7.2, 7.2.1, and 7.2.2. A user with developer credentials can insert malicious code (up to 64 characters) into a text field in Designer Studio, after establishing context. Designer Studio is the developer workbench for Pega Platform. That XSS payload will execute when other developers visit the affected pages.
CVE-2024-6700 1 Pega 1 Infinity 2024-09-13 5.5 Medium
Pega Platform versions 8.1 to Infinity 24.1.2 are affected by an XSS issue with App name.
CVE-2024-6701 1 Pega 1 Infinity 2024-09-13 5.5 Medium
Pega Platform versions 8.1 to Infinity 24.1.2 are affected by an XSS issue with case type.
CVE-2024-6702 1 Pega 1 Infinity 2024-09-13 5.2 Medium
Pega Platform versions 8.1 to Infinity 24.1.2 are affected by an HTML Injection issue with Stage.