Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2023-1209

Опубликовано: 23 мая 2023
Источник: nvd
CVSS3: 4.3
CVSS3: 5.4
EPSS Низкий

Описание

Cross-Site Scripting (XSS) vulnerabilities exist in ServiceNow records allowing an authenticated attacker to inject arbitrary scripts.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:servicenow:servicenow:rome:-:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:rome:patch_1:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:rome:patch_1_hotfix_1:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:rome:patch_1_hotfix_1a:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:rome:patch_1_hotfix_1b:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:rome:patch_1_hotfix_2:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:rome:patch_10:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:rome:patch_10_hotfix_1:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:rome:patch_10_hotfix_2:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:rome:patch_10_hotfix_2a:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:rome:patch_10_hotfix_2b:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:rome:patch_10_hotfix_3b:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:rome:patch_2:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:rome:patch_3:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:rome:patch_3_hotfix_1:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:rome:patch_4:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:rome:patch_4_hotfix_1:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:rome:patch_4_hotfix_1a:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:rome:patch_4_hotfix_1b:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:rome:patch_5:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:rome:patch_5_hotfix_1:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:rome:patch_5_hotfix_2:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:rome:patch_6:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:rome:patch_6_hotfix_1:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:rome:patch_6_hotfix_2:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:rome:patch_7_hotfix_1:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:rome:patch_7a:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:rome:patch_7b:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:rome:patch_8:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:rome:patch_8_hotfix_1:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:rome:patch_8_hotfix_2:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:rome:patch_9:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:rome:patch_9_hotfix_1:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:rome:patch_9a:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:rome:patch_9b:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:san_diego:-:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:san_diego:patch_1:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:san_diego:patch_1_hotfix_1:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:san_diego:patch_1_hotfix_1a:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:san_diego:patch_1_hotfix_1b:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:san_diego:patch_2:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:san_diego:patch_2_hotfix_1:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:san_diego:patch_3:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_1:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_2:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_3:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_4:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:san_diego:patch_4:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:san_diego:patch_4a:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:san_diego:patch_6:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:san_diego:patch_7:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:san_diego:patch_7_hotfix_1:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:san_diego:patch_7_hotfix_2:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:san_diego:patch_7_hottix_3:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:san_diego:patch_7a:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:san_diego:patch_7b:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:san_diego:patch_8:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:san_diego:patch_8_hotfix_1:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:san_diego:patch_8_hotfix_2:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:san_diego:patch_9:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:tokyo:-:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:tokyo:patch_1:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:tokyo:patch_1_hotfix_1:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:tokyo:patch_1a:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:tokyo:patch_1b:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:tokyo:patch_2:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:tokyo:patch_2_hotfix_1:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:tokyo:patch_2_hotfix_2:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:tokyo:patch_2_hotfix_3:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:tokyo:patch_2_hotfix_4:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:tokyo:patch_3:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:tokyo:patch_3_hotfix_1:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:tokyo:patch_3_hotfix_2:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:tokyo:patch_3_hotfix_3:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:tokyo:patch_3_hotfix_4:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:tokyo:patch_4:*:*:*:*:*:*
cpe:2.3:a:servicenow:servicenow:utah:-:*:*:*:*:*:*

EPSS

Процентиль: 59%
0.00378
Низкий

4.3 Medium

CVSS3

5.4 Medium

CVSS3

Дефекты

CWE-79
CWE-79

Связанные уязвимости

github логотип

GHSA-gvxg-qc2x-rm9f

CVSS3: 4.3
github
больше 2 лет назад

Cross-Site Scripting (XSS) vulnerabilities exist in ServiceNow records allowing an authenticated attacker to inject arbitrary scripts.

EPSS

Процентиль: 59%
0.00378
Низкий

4.3 Medium

CVSS3

5.4 Medium

CVSS3

Дефекты

CWE-79
CWE-79