Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-20768 | 1 Servicenow | 1 It Service Management | 2024-02-04 | 3.5 LOW | 5.4 MEDIUM |
ServiceNow IT Service Management Kingston through Patch 14-1, London through Patch 7, and Madrid before patch 4 allow stored XSS via crafted sysparm_item_guid and sys_id parameters in an Incident Request to service_catalog.do. | |||||
CVE-2018-8720 | 1 Servicenow | 1 It Service Management | 2024-02-04 | 3.5 LOW | 5.4 MEDIUM |
ServiceNow ITSM 2016-06-02 has XSS via the First Name or Last Name field of My Profile (aka navpage.do), or the Search bar of My Portal (aka search_results.do). |