Vulnerabilities > Servicenow > Servicenow > jakarta
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-10 | CVE-2021-45901 | Information Exposure Through Discrepancy vulnerability in Servicenow Jakarta The password-reset form in ServiceNow Orlando provides different responses to invalid authentication attempts depending on whether the username exists. | 5.3 |
| 2018-08-03 | CVE-2018-7748 | Code Injection vulnerability in Servicenow Jakarta report_viewer.do in ServiceNow Release Jakarta Patch 8 and earlier allows remote attackers to execute arbitrary code via '${xyz}' Glide Scripting Injection in the sysparm_media parameter. | 8.8 |