Pega Browser Extension Pbe
Monthly
Remote code execution via malicious websites targeting Pega Browser Extension (PBE) allows unauthenticated attackers to trigger unexpected message boxes and cause availability impact on affected systems. All versions of Pega Browser Extension prior to 3.1.45 are vulnerable; the attack requires user interaction (navigation to a malicious website) but no special privileges. CVSS 6.0 score reflects the moderate severity with high availability impact potential. No active exploitation or public exploit code has been identified at the time of analysis.
Remote code execution via malicious websites targeting Pega Browser Extension (PBE) allows unauthenticated attackers to trigger unexpected message boxes and cause availability impact on affected systems. All versions of Pega Browser Extension prior to 3.1.45 are vulnerable; the attack requires user interaction (navigation to a malicious website) but no special privileges. CVSS 6.0 score reflects the moderate severity with high availability impact potential. No active exploitation or public exploit code has been identified at the time of analysis.