Vulnerabilities > Servicenow > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-29 | CVE-2024-8924 | SQL Injection vulnerability in Servicenow Vancouver/Xanadu ServiceNow has addressed a blind SQL injection vulnerability that was identified in the Now Platform. | 7.5 |
| 2018-08-03 | CVE-2018-7748 | Code Injection vulnerability in Servicenow Jakarta report_viewer.do in ServiceNow Release Jakarta Patch 8 and earlier allows remote attackers to execute arbitrary code via '${xyz}' Glide Scripting Injection in the sysparm_media parameter. | 8.8 |