Lucene search
HistoryAug 23, 2022 - 7:15 p.m.
CVE-2022-38463
servicenow
san diego
patch
4b
6
reflected xss
logout
nvd
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
0.002 Low
EPSS
Percentile
54.8%
ServiceNow through San Diego Patch 4b and Patch 6 allows reflected XSS in the logout functionality.
Affected configurations
Node
servicenowservicenowMatchsan_diegopatch_4
ORservicenowservicenowMatchsan_diegopatch_4a
ORservicenowservicenowMatchsan_diegopatch_6
| CPE | Name | Operator | Version |
|---|---|---|---|
| servicenow:servicenow | servicenow | eq | san_diego |
Social References
More
Related
hackerone
hackerone
U.S. Dept Of Defense: Reflected XSS at https://ââââââ/
2022-08-26 10:08:17
U.S. Dept Of Defense: XSS in ServiceNow logout https://ââââ:443
2022-09-14 10:48:09
cvelist
cvelist
CVE-2022-38463
2022-08-23 18:07:57
prion
prion
Cross site scripting
2022-08-23 19:15:00
nvd
nvd
CVE-2022-38463
2022-08-23 19:15:09
nuclei
nuclei
ServiceNow - Cross-Site Scripting
2022-08-25 14:42:25
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
0.002 Low
EPSS
Percentile
54.8%
Related for CVE-2022-38463