Medium severity6.1NVD Advisory· Published Aug 2, 2017· Updated Jun 17, 2026
CVE-2017-11355
CVE-2017-11355
Description
Multiple cross-site scripting (XSS) vulnerabilities in PEGA Platform 7.2 ML0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO to the main page; the (2) beanReference parameter to the JavaBean viewer page; or the (3) pyTableName to the System database schema modification page.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:pega:pega_platform:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:pega:pega_platform:*:*:*:*:*:*:*:*range: <=7.2_ml0
- (no CPE)range: <=7.2 ML0
- Range: <=7.2 ML0
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.