U.S. Dept Of Defense: XSS DUE TO CVE-2022-38463 in https://████████
Description: During my research, I found one of the host running ServiceNow vulnerable to CVE-2022-38463 . ServiceNow through San Diego Patch 4b and Patch 6 allows reflected XSS in the logout functionality. Impact Attacker is able to steal victims cookies, redirect victim to attacker controlled...