CVE-2022-39048

Name of the Vulnerable Software and Affected Versions ServiceNow (affected versions not specified)

Description A XSS issue was identified in the ServiceNow UI page assessment redirect. To exploit this, an attacker would need to persuade an authenticated user to click a maliciously crafted URL. Successful exploitation could be used to conduct various client-side attacks, including phishing, redirection, theft of CSRF tokens, and use of an authenticated user's browser or session to attack other systems.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.