HTML Injection in Pega Platform

Title: HTML Injection in Pega Platform
Discovery date: 23/04/2024
Class: HTML Injection

Affected Products

Pega Platform versions 8.1 to Infinity 24.1.2

Proof of Concept

From the dashboard, we click on “Tipos de casos” (“Case types”) (1), then click on “Diversos” (“Others”) (2), then click on “ETAPA ALTERNATIVA” (“alternative procedure” (?)) (3):

We can now choose a name for the newly created procedure.

We insert, for example, the following HTML payload:

<h2 style="color:red">test</h2>

As we can see from the screenshot below, after the payload is inserted the HTML code is rendered client-side, leading to an “HTML Injection” vulnerability:
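The mitigation for this class of bug is output encoding at render time. The JavaScript below is an added example (not Pega Platform code and not part of the original advisory) that contrasts concatenating a user-chosen procedure name into markup with encoding it first, and flags stored names that contain tag-like text. All function names and the sample data are hypothetical.

```javascript
// Added example: hypothetical rendering helpers, not Pega Platform code.

// Characters that let a text value break out into markup or attributes.
const HTML_ESCAPES = {
  "&": "&amp;",
  "<": "&lt;",
  ">": "&gt;",
  '"': "&quot;",
  "'": "&#39;",
};

// Encoding for HTML element content and quoted attribute values.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable pattern: the stored name is concatenated into markup as-is,
// so any tags it contains are parsed by the browser.
function renderNameUnsafe(name) {
  return '<span class="procedure-name">' + name + "</span>";
}

// Hardened pattern: the name is encoded at output time and shown as text.
function renderNameSafe(name) {
  return '<span class="procedure-name">' + escapeHtml(name) + "</span>";
}

// Audit helper: return stored names that contain something shaped like an
// HTML tag, for review of values saved before encoding was in place.
function findTagLikeNames(names) {
  const tagLike = /<\/?[a-zA-Z][^>]*>/;
  return names.filter((n) => tagLike.test(String(n)));
}

// Constructed sample data; the second entry mirrors the advisory's payload.
const storedNames = [
  "Approval",
  '<h2 style="color:red">test</h2>',
  "Review & sign-off",
];

console.log(renderNameUnsafe(storedNames[1])); // markup reaches the page
console.log(renderNameSafe(storedNames[1]));   // rendered as inert text
console.log(findTagLikeNames(storedNames));    // names to review
```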
