Description
In versions 8.2.1 through 8.5.2 of Pega Infinity, the password reset functionality for local accounts can be used to bypass local authentication checks.
Remediation
References
Related Vulnerabilities
WordPress Plugin Content Copy Protection & Prevent Image Save Cross-Site Request Forgery (1.3)
PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-1862)
Contao CVE-2024-28234 Vulnerability (CVE-2024-28234)
WordPress Plugin Download Monitor Cross-Site Scripting (1.7.0)