12 matches found
EUVD-2022-40768
Malicious code in bioql PyPI...
CVE-2022-38172
ServiceNow through San Diego Patch 3 allows XSS via the name field during creation of a new dashboard for the Performance Analytics dashboard...
PT-2023-14286 · Servicenow · Servicenow
Name of the Vulnerable Software and Affected Versions: ServiceNow versions Quebec prior to Patch 10 Hot Fix 8b ServiceNow versions Rome prior to Patch 10 Hot Fix 1 ServiceNow versions San Diego prior to Patch 7 ServiceNow versions Tokyo prior to Tokyo Patch 1 ServiceNow versions Utah prior to Uta...
ServiceNow 安全漏洞
ServiceNow is a cloud computing platform from US-based ServiceNow, Inc. to help companies manage the digital workflow of their business operations. A security vulnerability exists in multiple ServiceNow products that stems from the presence of incorrect access control. The following products and...
PT-2023-14925 · Servicenow · Servicenow
Name of the Vulnerable Software and Affected Versions: ServiceNow versions prior to Quebec Patch 10 Hotfix 11b ServiceNow versions prior to Rome Patch 10 Hotfix 3b ServiceNow versions prior to San Diego Patch 9 ServiceNow versions prior to Tokyo Patch 4 ServiceNow versions prior to Utah GA...
U.S. Dept Of Defense: XSS DUE TO CVE-2022-38463 in https://████████
Description: During my research, I found one of the host running ServiceNow vulnerable to CVE-2022-38463 . ServiceNow through San Diego Patch 4b and Patch 6 allows reflected XSS in the logout functionality. Impact Attacker is able to steal victims cookies, redirect victim to attacker controlled...
CVE-2022-38463
ServiceNow through San Diego Patch 4b and Patch 6 allows reflected XSS in the logout functionality...
CVE-2022-38172
ServiceNow through San Diego Patch 3 allows XSS via the name field during creation of a new dashboard for the Performance Analytics dashboard...
CVE-2022-38172
ServiceNow through San Diego Patch 3 allows XSS via the name field during creation of a new dashboard for the Performance Analytics dashboard...
ServiceNow San Diego Patch 跨站脚本漏洞
ServiceNow San Diego Patch is a series of patches from ServiceNow USA. A cross-site scripting vulnerability exists in ServiceNow San Diego Patch 4b and Patch 6 and prior versions, which stems from allowing XSS in the logout function...
PT-2022-24418 · Servicenow · Servicenow
Name of the Vulnerable Software and Affected Versions: ServiceNow versions through San Diego Patch 4b and Patch 6 Description: The issue allows reflected XSS in the logout functionality. This can potentially be exploited by attackers to execute malicious scripts on user systems. Recommendations:...
ServiceNow San Diego Patch 跨站脚本漏洞
ServiceNow San Diego Patch is a series of patches from ServiceNow USA. A cross-site scripting vulnerability exists in ServiceNow San Diego Patch 3 and prior versions, which stems from allowing XSS via the name field when creating new dashboards for the Performance Analytics Dashboard...