CVE-2022-39048

MEDIUM NUCLEI

ServiceNow - Stored Cross-Site Scripting in assessment_redirect UI Page

Title source: llm

Exploitation Summary

CVE-2022-39048 has a Nuclei detection template available — see the Nuclei card below for the Shodan/FOFA recon queries.

Description

A XSS vulnerability was identified in the ServiceNow UI page assessment_redirect. To exploit this vulnerability, an attacker would need to persuade an authenticated user to click a maliciously crafted URL. Successful exploitation potentially could be used to conduct various client-side attacks, including, but not limited to, phishing, redirection, theft of CSRF tokens, and use of an authenticated user's browser or session to attack other systems.

Nuclei Templates (1)

ServiceNow - Cross-site Scripting

MEDIUMVERIFIEDby theamanrawat

Shodan: http.title:"ServiceNow" || http.title:"servicenow" || http.favicon.hash:1701804003

FOFA: title="servicenow" || icon_hash=1701804003

References (2)

Core 2

Core References

Various Sources

https://support.servicenow.com/

Various Sources

https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1221892

Scores

CVSS v3 6.1

EPSS 0.0109

EPSS Percentile 61.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-79

Status published

Products (3)

servicenow/servicenow quebec (2 CPE variants)

servicenow/servicenow rome patch_1 (35 CPE variants)

servicenow/servicenow san_diego patch_1 (13 CPE variants)

Published Apr 10, 2023

Tracked Since Feb 18, 2026