Pega Infinity Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2023-50166 - Vulnerability Database

Pega Infinity Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2023-50166

High

Reference: CVE-2023-50166

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2023-50166

Title: Pega Infinity Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability

Overview:

Pega Platform from 8.5.4 to 8.8.3 is affected by an XSS issue with an unauthenticated user and the redirect parameter.