CNNVD-202509-1503 Information

Sep 10, 2025 cve

CNNVD ID

CNNVD-202509-1503

CVE-2025-8681

CNNVD Published: 2025-09-10

Description (Chinese)

Pegasystem Pega Platform是美国Pegasystem公司的一套应用程序开发平台。该平台用于开发BPM（业务流程管理）、案例管理、实时决策和CRM（客户关系管理）等应用程序。 Pegasystem Pega Platform 7.1.0至Infinity 24.2.2版本存在安全漏洞，该漏洞源于用户界面组件存在存储型跨站脚本问题。

Description (English)

Pegasystem Pega Platform is an application development platform for the United States company Pegasystem. The platform is used to develop applications such as BPM (business process management), case management, real-time decision-making and CRM (customer relationship management). There is a security loophole in Pegasystem Pega Platform 7.1.0 to Infinity 24.2.2, which stems from storage-type cross-site scripts for user interface components.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Pegasystem

Published

2025-09-10

Last Modified

2026-02-24

References

https://support.pega.com/support-doc/pega-security-advisory-g25-vulnerability-remediation-note

Patch

https://support.pega.com/support-doc/pega-security-advisory-g25-vulnerability-remediation-note

Share on: