THREAT OPS › CVEs › CVE-2024-4879
CVE-2024-4879 — ServiceNow Improper Input Validation Vulnerability
ServiceNow Utah, Vancouver, and Washington DC Now Platform releases contain a jelly template injection vulnerability in UI macros. An unauthenticated user could exploit this vulnerability to execute code remotely.
Vulnerability details
- Affected productsUtah, Vancouver, and Washington DC Now Platform
- KEV remediation due2024-08-19