Loading
Generated remediation guidance and an executive summary. No account required.
A XSS vulnerability was identified in the ServiceNow UI page assessment_redirect. To exploit this vulnerability, an attacker would need to persuade an authenticated user to click a maliciously crafted URL. Successful exploitation potentially could be used to conduct various client-side attacks, including, but not limited to, phishing, redirection, theft of CSRF tokens, and use of an authenticated user's browser or session to attack other systems.
Use CWE-79, Servicenow vendor hub and Servicenow product page to widen CVE-2022-39048 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2024-4879, CVE-2024-5217 and CVE-2022-43684 for nearby disclosures in the same product family.