Stored Cross-Site Scripting in Pega Platform
| Field | Value |
| --- | --- |
| Title | Stored Cross-Site Scripting in Pega Platform |
| Discovery date | 23/04/2024 |
| Class | Stored XSS |
Affected Products
Pega Platform versions 8.1 to Infinity 24.1.2
Proof of Concept
From the “APP STUDIO” homepage, under “Casos” (“Cases”), we click on “Diversos” (“Others”):
Then, in the “Flujo de trabajo” (“Workflow”) tab, we add a new “Objeto de datos” (“Data Object”):
We can then insert an XSS payload into the “Nombre” (“Name”) text field.
The specific payload used is:
<img src=x onerror=alert('XSS')>
We then save this change by clicking the “Grabar” (“Save”) button:
The XSS payload is then triggered, executing the JavaScript code client-side:
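The root cause is that the stored “Nombre” value is placed into the page as markup rather than as text. The following added example (not Pega's code) contrasts the two ways of rendering such a name using the advisory's own payload, and adds a constructed review heuristic for flagging stored names that contain markup; the render helper names and the regex are assumptions.

```javascript
// Added example, not Pega Platform code. Shows why the stored "Nombre" value
// triggers the XSS when concatenated into HTML, and how output encoding
// neutralises it. Helper names and the detection regex are assumptions.

const STORED_PAYLOAD = "<img src=x onerror=alert('XSS')>"; // payload from the advisory

// Minimal HTML entity encoding for text placed inside an element body.
function escapeHtml(value) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Unsafe: the stored name is inserted verbatim, so the browser parses the
// <img> tag and runs its onerror handler (the behaviour described above).
function renderNameUnsafe(name) {
  return `<span class="name">${name}</span>`;
}

// Safe: the name is entity-encoded, so the browser shows the literal characters
// and no element or event handler is created.
function renderNameSafe(name) {
  return `<span class="name">${escapeHtml(name)}</span>`;
}

// Constructed review heuristic (not a Pega feature): flag a saved data-object
// name that contains an HTML tag opener or an on* event-handler attribute.
const SUSPICIOUS_MARKUP = /<\s*[a-z!\/]|\bon[a-z]+\s*=/i;
function looksLikeMarkup(name) {
  return SUSPICIOUS_MARKUP.test(String(name));
}

// Stand-alone demonstration of both renderings and the heuristic.
function demo() {
  return {
    unsafe: renderNameUnsafe(STORED_PAYLOAD),
    safe: renderNameSafe(STORED_PAYLOAD),
    flagged: looksLikeMarkup(STORED_PAYLOAD),
  };
}
```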