Collaboration Center

Question

Replies

276

Views

Abhishek_Cap

Member since 2015

6 posts

Areteans UK

Posted: August 5, 2019

Last activity: August 12, 2019

Posted: 5 Aug 2019 11:16 EDT
Last activity: 12 Aug 2019 16:53 EDT

Closed

Pega WebMashup Security concerns

Hi All,

Recently, whilst working with on the banking giants in UK, we were turned down to use the Pega Web Mashup because it uses IFrame and the use of Iframe opens up the security vulnerabilities such as cross-site threats.

Can someone suggest what to do in that scenario?

Low-Code App Development

Security

User Experience

Moderation Team has archived post,

This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Question, please write a new Question.

Posted: 1 year ago

Posted: 5 Aug 2019 21:36 EDT

Bhavya

Coforge DPA

replied to Abhishek_Cap

Pega does provide methods to over come cross site scripting. Go through the below link for details:

https://community.pega.com/knowledgebase/articles/best-practices-avoid-cross-site-scripting-xss-vulnerabilities

Hope it helps.

Regards

Bhavya

Posted: 1 year ago

Posted: 12 Aug 2019 16:53 EDT

JohnPaulRaja,C

PerseusX Incorporated

replied to Abhishek_Cap

Application restricted with CSRF

Add below DSS to get exception for mashup consumer portal

Pega-Engine

security/csrf/validreferers

Value : add mash up consumer URL

Personalized tools to propel your success

Contact a moderator

Question

Pega WebMashup Security concerns

About Pegasystems

Question

Pega WebMashup Security concerns

Related content:

About Pegasystems

We'd prefer it if you saw us at our best.