There exists an open redirect within the response list update functionality of ServiceNow. This allows attackers to redirect users to arbitrary domains when clicking on a URL within a service-now domain.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: SN

Published: 2023-04-14T00:00:00

Updated: 2024-08-03T14:39:38.636Z

Reserved: 2022-12-09T00:00:00

Link: CVE-2022-46886

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2023-04-14T20:15:09.413

Modified: 2023-04-24T17:39:45.737

Link: CVE-2022-46886

cve-icon Redhat

No data.