CVE-2024-5890

Name of the Vulnerable Software and Affected Versions: ServiceNow (affected versions not specified)

Description: The issue is related to an HTML injection vulnerability identified in the Now Platform. This could potentially enable an unauthenticated user to modify a web page or redirect users to another website. ServiceNow has released updates to address this issue.

Recommendations: Apply the relevant security patches to your instance(s) as soon as possible. As a temporary workaround, consider restricting access to potentially vulnerable web pages until a patch is applied. If you have not done so already, update your instance with the latest security updates provided by ServiceNow.