exploitDog

GHSA-pw7g-7762-p5qw

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

ServiceNow IT Service Management Kingston through Patch 14-1, London through Patch 7, and Madrid before patch 4 allow stored XSS via crafted sysparm_item_guid and sys_id parameters in an Incident Request to service_catalog.do.

ServiceNow IT Service Management Kingston through Patch 14-1, London through Patch 7, and Madrid before patch 4 allow stored XSS via crafted sysparm_item_guid and sys_id parameters in an Incident Request to service_catalog.do.

Ссылки

EPSS

Процентиль: 43%

0.00206

Низкий

CVE ID

Связанные уязвимости

CVE-2019-20768

CVSS3: 5.4

nvd

почти 6 лет назад

ServiceNow IT Service Management Kingston through Patch 14-1, London through Patch 7, and Madrid before patch 4 allow stored XSS via crafted sysparm_item_guid and sys_id parameters in an Incident Request to service_catalog.do.

EPSS

Процентиль: 43%

0.00206

Низкий

CVE ID