Количество 2
Количество 2
CVE-2022-39048
A XSS vulnerability was identified in the ServiceNow UI page assessment_redirect. To exploit this vulnerability, an attacker would need to persuade an authenticated user to click a maliciously crafted URL. Successful exploitation potentially could be used to conduct various client-side attacks, including, but not limited to, phishing, redirection, theft of CSRF tokens, and use of an authenticated user's browser or session to attack other systems.
GHSA-48vw-436h-p87m
ServiceNow Tokyo allows XSS.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-39048 A XSS vulnerability was identified in the ServiceNow UI page assessment_redirect. To exploit this vulnerability, an attacker would need to persuade an authenticated user to click a maliciously crafted URL. Successful exploitation potentially could be used to conduct various client-side attacks, including, but not limited to, phishing, redirection, theft of CSRF tokens, and use of an authenticated user's browser or session to attack other systems. | CVSS3: 6.1 | 20% Средний | почти 3 года назад |
| GHSA-48vw-436h-p87m ServiceNow Tokyo allows XSS. | CVSS3: 6.1 | 20% Средний | почти 3 года назад |
Уязвимостей на страницу