CVE-2024-4879: ServiceNow Improper Input Validation Vulnerability.
ServiceNow Improper Input Validation Vulnerability. ServiceNow Utah, Vancouver, and Washington DC Now Platform releases contain a jelly template injection vulnerability in UI macros. An unauthenticated user could exploit this vulnerability to execute code remotely.
- CISA KEV-listed (remediation due 2024-08-19)
- EPSS 94.3% (100.0% percentile)