Arbitrary file upload in Pegasystems Pega Infinity
CVE-2025-62182
Pega Customer Service Framework versions 8.7.0 through 25.1.0 are affected by a Unrestricted file upload vulnerability, where a privileged user could potentially upload a malicious file.
Vulnerability class: Unrestricted File Upload
EPSS: 0.002 (15.8th percentile) — read the EPSS interpretation.
Affected products
- Pegasystems Pega Infinity — versions 8.7.0