CVE-2023-3442
Missing Authorization in Jenkins plug-in for ServiceNow DevOps
Missing Authorization in Jenkins plug-in for ServiceNow DevOps
Cross-Site Request Forgery (CSRF) in Jenkins Plug-in for ServiceNow DevOps
ServiceNow has released upgrades and patches that address a Reflected Cross-Site scripting (XSS) vulnerability that was identified in the ServiceNow Polaris ...
ACL bypass in Reporting functionality
Cross-Site Scripting (XSS) vulnerabilities exist in ServiceNow records allowing an authenticated attacker to inject arbitrary scripts.
Cross-Site Scripting (XSS) vulnerability found on logout functionality
There exists an open redirect within the response list update functionality of ServiceNow. This allows attackers to redirect users to arbitrary domains when ...
Cross-Site Scripting (XSS) vulnerability in ServiceNow UI page assessment_redirect