Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Servicenow
(Servicenow)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 13 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2022-08-23 | CVE-2022-38463 | ServiceNow through San Diego Patch 4b and Patch 6 allows reflected XSS in the logout functionality. | Servicenow | 6.1 | ||
2022-02-10 | CVE-2021-45901 | The password-reset form in ServiceNow Orlando provides different responses to invalid authentication attempts depending on whether the username exists. | Servicenow | 5.3 | ||
2018-08-03 | CVE-2018-7748 | report_viewer.do in ServiceNow Release Jakarta Patch 8 and earlier allows remote attackers to execute arbitrary code via '${xyz}' Glide Scripting Injection in the sysparm_media parameter. | Servicenow | 8.8 |