Reflected Cross Site Scripting in ServiceNow AI Platform

ServiceNow has addressed a reflected cross-site scripting vulnerability that was identified in the ServiceNow AI Platform. This vulnerability could result in arbitrary code being executed within the browsers of ServiceNow users who click on a specially crafted link.    ServiceNow has addressed this vulnerability by deploying a relevant security update to the majority of hosted instances. Relevant security updates also have been provided to ServiceNow self-hosted customers, partners, and hosted customers with unique configuration. Further, the vulnerability is addressed in the listed patches and hot fixes. We recommend customers promptly apply appropriate updates or upgrade if they have not already done so.

N/A

在Web页面生成时对输入的转义处理不恰当(跨站脚本)

ServiceNow AI Platform 安全漏洞

ServiceNow AI Platform是美国ServiceNow公司的一款AI智能平台。 ServiceNow AI Platform存在安全漏洞，该漏洞源于反射型跨站脚本漏洞，可能导致用户点击特制链接时在浏览器中执行任意代码。

N/A

N/A