ServiceNow Polaris Layout Reflected XSS Vulnerability

ServiceNow Polaris Layout Reflected XSS Vulnerability

CVE-2023-1298 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

ServiceNow has released upgrades and patches that address a Reflected Cross-Site scripting (XSS) vulnerability that was identified in the ServiceNow Polaris Layout. This vulnerability would enable an authenticated user to inject arbitrary scripts.

Learn more about our User Device Pen Test.