Ramon Dunker

Name of the Vulnerable Software and Affected Versions Pega Robotic Automation versions 22.1 and R25 Description A security issue exists within Pega Browser Extension (PBE) that could allow an attacker to create a malicious website containing harmful code. If a Robot Runtime user visits this website, an arbitrary file-write could occur. Recommendations Update Pega Robotic Automation to a newer version that addresses this issue. As a temporary workaround, avoid navigating to untrusted websites while using Robot Runtime.

**Name of the Vulnerable Software and Affected Versions** Pega Robotic Automation (affected versions not specified) **Description** A native messaging host issue exists in Pega Browser Extension (PBE) impacting users of all Pega Robotic Automation versions with the extension installed. A malicious actor could create a website containing code targeting PBE. If a user visits this website, it could present an unexpected message box. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Pega Browser Extension versions 22.1 and R25 **Description** A flaw exists in Pega Browser Extension that could allow a malicious actor to create a website containing harmful code. This issue impacts Pega Robot Studio developers automating Google Chrome and Microsoft Edge during interrogation mode. Exploitation requires deceiving a developer into visiting a compromised website. The vulnerability does not affect Robot Runtime users. **Recommendations** Update Pega Browser Extension to a newer version that addresses this issue.

**Name of the Vulnerable Software and Affected Versions** The Newspaper WordPress theme versions prior to 12 **Description** The issue is related to a Reflected Cross-Site Scripting problem. It occurs because a parameter is not properly sanitized before being outputted back in an HTML attribute via an AJAX action. This can be exploited, and there are reports of it being used in real-world incidents, including a combination of POST-based XSS and CSRF, with an additional information disclosure of the absolute path of the web server. **Recommendations** For versions prior to 12, update to version 12 or later to resolve the issue. As a temporary workaround, consider restricting access to the AJAX action that outputs the unsanitized parameter to minimize the risk of exploitation.