Postgres Enterprise Manager (Pem)
Approved changes feed: RSS · Atom
cpe:2.3:a:enterprisedb:postgres_enterprise_manager_(pem):*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Enterprisedb (788c5be5-c3bc-5186-8634-02d14556d9dc) |
|---|---|
| Product | Postgres Enterprise Manager (Pem) (2d60b0c5-8d30-5081-b485-2e7ed4743cfe) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-0949 |
vulnerable | 2026-06-08 07:47:13.537323 |
Details available
MEDIUM (6.5)
PEM versions prior to 9.8.1 are affected by a stored Cross-site Scripting (XSS) vulnerability that allows users with access to the Manage Charts menu to inject arbitrary JavaScript when creating a new chart, which is then executed by any user accessing the chart. By default only the superuser and users with pem_admin or pem_super_admin privileges are able to access the Manage Charts menu.
Published: 2026-01-16T16:29:42.134Z
Updated: 2026-01-16T16:49:37.156Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.