XSS Vulnerability in ServiceNow ITSM 2016-06-02: First Name/Last Name Field and Search Bar

XSS Vulnerability in ServiceNow ITSM 2016-06-02: First Name/Last Name Field and Search Bar

CVE-2018-8720 · LOW Severity

AV:N/AC:M/AU:S/C:N/I:P/A:N

ServiceNow ITSM 2016-06-02 has XSS via the First Name or Last Name field of My Profile (aka navpage.do), or the Search bar of My Portal (aka search_results.do).

Learn more about our Web Application Penetration Testing UK.