RSS   Vulnerabilities for 'It service management'   RSS

2020-05-05
 
CVE-2019-20768

CWE-79
 

 
ServiceNow IT Service Management Kingston through Patch 14-1, London through Patch 7, and Madrid before patch 4 allow stored XSS via crafted sysparm_item_guid and sys_id parameters in an Incident Request to service_catalog.do.

 
2018-03-15
 
CVE-2018-8720

CWE-79
 

 
ServiceNow ITSM 2016-06-02 has XSS via the First Name or Last Name field of My Profile (aka navpage.do), or the Search bar of My Portal (aka search_results.do).

 

 >>> Vendor: Servicenow 2 Products
It service management
Servicenow


Copyright 2024, cxsecurity.com

 

Back to Top