12 matches found
EUVD-2022-40768
Malicious code in bioql PyPI...
CVE-2022-38172
ServiceNow through San Diego Patch 3 allows XSS via the name field during creation of a new dashboard for the Performance Analytics dashboard...
PT-2023-14286 · Servicenow · Servicenow
Name of the Vulnerable Software and Affected Versions: ServiceNow versions Quebec prior to Patch 10 Hot Fix 8b ServiceNow versions Rome prior to Patch 10 Hot Fix 1 ServiceNow versions San Diego prior to Patch 7 ServiceNow versions Tokyo prior to Tokyo Patch 1 ServiceNow versions Utah prior to Uta...
ServiceNow 安全漏洞
ServiceNow is a cloud computing platform from US-based ServiceNow, Inc. to help companies manage the digital workflow of their business operations. A security vulnerability exists in multiple ServiceNow products that stems from the presence of incorrect access control. The following products and...
PT-2023-14925 · Servicenow · Servicenow
Name of the Vulnerable Software and Affected Versions: ServiceNow versions prior to Quebec Patch 10 Hotfix 11b ServiceNow versions prior to Rome Patch 10 Hotfix 3b ServiceNow versions prior to San Diego Patch 9 ServiceNow versions prior to Tokyo Patch 4 ServiceNow versions prior to Utah GA...
U.S. Dept Of Defense: XSS DUE TO CVE-2022-38463 in https://████████
Description: During my research, I found one of the host running ServiceNow vulnerable to CVE-2022-38463 . ServiceNow through San Diego Patch 4b and Patch 6 allows reflected XSS in the logout functionality. Impact Attacker is able to steal victims cookies, redirect victim to attacker controlled...
CVE-2022-38463
ServiceNow through San Diego Patch 4b and Patch 6 allows reflected XSS in the logout functionality...
CVE-2022-38172
ServiceNow through San Diego Patch 3 allows XSS via the name field during creation of a new dashboard for the Performance Analytics dashboard...
CVE-2022-38172
ServiceNow through San Diego Patch 3 allows XSS via the name field during creation of a new dashboard for the Performance Analytics dashboard...
ServiceNow San Diego Patch 跨站脚本漏洞
ServiceNow San Diego Patch is a series of patches from ServiceNow USA. A cross-site scripting vulnerability exists in ServiceNow San Diego Patch 3 and prior versions, which stems from allowing XSS via the name field when creating new dashboards for the Performance Analytics Dashboard...
ServiceNow San Diego Patch 跨站脚本漏洞
ServiceNow San Diego Patch is a series of patches from ServiceNow USA. A cross-site scripting vulnerability exists in ServiceNow San Diego Patch 4b and Patch 6 and prior versions, which stems from allowing XSS in the logout function...
PT-2022-24418 · Servicenow · Servicenow
Name of the Vulnerable Software and Affected Versions: ServiceNow versions through San Diego Patch 4b and Patch 6 Description: The issue allows reflected XSS in the logout functionality. This can potentially be exploited by attackers to execute malicious scripts on user systems. Recommendations:...