CNNVD-202601-2149 Information
Jan 13, 2026
cve
CNNVD ID
CNNVD-202601-2149
Related CVE
- CNNVD Published: 2026-01-13
Description (Chinese)
Pega Customer Service Framework是美国Pega公司的一个客户服务框架。 Pega Customer Service Framework 8.7.0版本至25.1.0版本存在安全漏洞,该漏洞源于文件上传无限制,可能导致特权用户上传恶意文件。
Description (English)
Pega Customier Service Framework is a client service framework for the United States company Pega. There is a security loophole between versions 8.7.0 and 25.1.0 of Pega Customier Service, which stems from the unrestricted uploading of documents, which may lead to the uploading of malicious documents by privileged users.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Pega
Published
2026-01-13
Last Modified
2026-02-24
References
https://support.pega.com/support-doc/pega-security-advisory-l25-vulnerability-remediation-note
Patch
https://support.pega.com/support-doc/pega-security-advisory-l25-vulnerability-remediation-note
Share on: