Arbitrary file upload in Pegasystems Pega Infinity

CVE-2025-62182

Pega Customer Service Framework versions 8.7.0 through 25.1.0 are affected by a Unrestricted file upload vulnerability, where a privileged user could potentially upload a malicious file.

Vulnerability class: Unrestricted File Upload

EPSS: 0.002 (15.8th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References