01642 06 11 11 Arrange Call

HTML Injection Vulnerability in Pega Platform Versions 7.1 to 8.8.3

CVE-2023-4843 · MEDIUM

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L

CVE-2023-4843

Pega Platform versions 7.1 to 8.8.3 are affected by an HTML Injection issue with a name field utilized in Visual Business Director, however this field can only be modified by an authenticated administrative user.

Learn more about our User Device Pen Test.