VYPR
Unrated severityNVD Advisory· Published Dec 15, 2020· Updated Aug 4, 2024

CVE-2020-23957

CVE-2020-23957

Description

Pega Platform through 8.4.x is affected by Cross Site Scripting (XSS) via the ConnectionID parameter, as demonstrated by a pyActivity=Data-TRACERSettings.pzStartTracerSession request to a PRAuth URI.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.