PT-2026-51527 · Pegasystems · Pega Infinity

Published

2026-06-23

Updated

2026-06-23

CVE-2025-62180

CVSS v4.0

7.1

High

Vector

AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N

Pega Platform versions 8.3.0 through Infinity 25.1.2 are affected by an authorization weakness that may allow authenticated users to access certain additional data via crafted URLs.

Fix

IDOR

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-639

Related Identifiers

CVE-2025-62180

Affected Products

Pega Infinity

PT-2026-51527 · Pegasystems · Pega Infinity

CVE-2025-62180

Weakness Enumeration

Related Identifiers

Affected Products

References · 3