Stored Cross-Site Scripting Vulnerability in Pega Platform by Pegasystems
CVE-2026-1562
4.6MEDIUM
What is CVE-2026-1562?
The Pega Platform is susceptible to a stored cross-site scripting (XSS) vulnerability that arises within a user interface component. This security flaw necessitates the involvement of a high privileged user, particularly someone with a developer role, to exploit the issue effectively. When successfully exploited, an attacker could inject malicious scripts, leading to potential data leakage or further compromise of the application. It is crucial for organizations using affected versions of Pega Platform to take immediate action to remediate this vulnerability.
Affected Version(s)
Pega Infinity 8.1.0
