Security Advisory

CVE-2020-23957

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-12-15 20:31:17

Last updated 2024-08-04 15:05:11

Assigner mitre

State PUBLISHED

Description

Pega Platform through 8.4.x is affected by Cross Site Scripting (XSS) via the ConnectionID parameter, as demonstrated by a pyActivity=Data-TRACERSettings.pzStartTracerSession request to a PRAuth URI.

← Browse all CVEs View on cve.org ↗