Jordan Lyons

**Name of the Vulnerable Software and Affected Versions** Pega Platform versions 8.1.0 through 25.1.1 **Description** The software is susceptible to a Stored Cross-site Scripting issue within a user interface component. Exploitation requires an administrative user with extensive access rights. The potential impact to confidentiality and integrity is considered low. **Recommendations** Update Pega Platform to a version later than 25.1.1.

**Name of the Vulnerable Software and Affected Versions** Pega Platform versions 8.1 to Infinity 24.2.0 **Description** The issue is related to a Stored XSS problem with the profile. **Recommendations** For Pega Platform versions 8.1 to Infinity 24.2.0, update to a version newer than Infinity 24.2.0 to resolve the issue.