Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Pega Infinity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-6700)

Description

Pega Platform versions 8.1 to Infinity 24.1.2 are affected by an XSS issue with App name.

Remediation

References

Related Vulnerabilities

WordPress Plugin Really Easy Slider TimThumb Arbitrary File Upload (0.1)

Oracle Database Server Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2007-0275)

WordPress 4.0.x Multiple Vulnerabilities (4.0 - 4.0.18)

WordPress 5.9.x Shortcode Execution (5.9 - 5.9.6)

WordPress Plugin Art-Picture-Gallery Arbitrary File Upload (1.2.9)

Severity

Medium

Classification

CVE-2024-6700 CWE-707 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities