CVE-2022-38463
Published 2022-08-23

CVE-2022-38463: ServiceNow through San Diego Patch 4b and Patch 6 allows reflected XSS in the logout functionality.

Priority: P3 · 36 · medium · CVSS 3.1 base score 6.1
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Exploit: EPSS 2.26% (80.8th percentile)
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| servicenow | servicenow | — | — |
No detection rules found.
Nuclei: CVE-2022-38463 [MEDIUM] ServiceNow - Cross-Site Scripting (CVSS 6.1)
ServiceNow through San Diego Patch 4b and Patch 6 contains a cross-site scripting vulnerability in the logout functionality, which can enable an unauthenticated remote attacker to execute arbitrary JavaScript.
Template:

```yaml
id: CVE-2022-38463

info:
  name: ServiceNow - Cross-Site Scripting
  author: amanrawat
  severity: medium
  description: |
    ServiceNow through San Diego Patch 4b and Patch 6 contains a cross-site scripting vulnerability in the logout functionality, which can enable an unauthenticated remote attacker to execute arbitrary JavaScript.
  impact: |
    Successful exploitation of this vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser, leading to session hijacking, data theft, or defacement of t
```
HackerOne: CVE-2022-38463 [MEDIUM] XSS in ServiceNow logout https://████:443 (2023-05-15, CVSS 6.1)
**Description:**
XSS in ServiceNow logout
https://██████:443/logout_redirect.do?sysparm_url=//j%5c%5cjavascript%3aalert(document.domain)
## References
https://nvd.nist.gov/vuln/detail/CVE-2022-38463
## Impact
An unauthenticated remote attacker can execute code in the user's browser context. The user must click on a malicious link.
## System Host(s)
███████
## Affected Product(s) and Version(s)
ServiceNow prior to San Diego SP6
## CVE Numbers
CVE-2022-38463
## Steps to Reproduce
Click on https://█████:443/logout_redirect.do?sysparm_url=//j%5c%5cjavascript%3aalert(document.domain)
## Suggested Mitigation/Remediation Actions
Upgrade to a patched version of ServiceNow.
HackerOne: CVE-2022-38463 [MEDIUM] XSS DUE TO CVE-2022-38463 in https://████████ (2022-09-14, CVSS 6.1)
**Description:**
During my research, I found one of the hosts running ServiceNow vulnerable to CVE-2022-38463. ServiceNow through San Diego Patch 4b and Patch 6 allows reflected XSS in the logout functionality.
## Impact
The attacker is able to steal the victim's cookies, redirect the victim to an attacker-controlled domain, and perform various malicious activities.
## System Host(s)
███
## Affected Product(s) and Version(s)
## CVE Numbers
## Steps to Reproduce
1. Enter the following crafted URL in any web browser.
https://█████████/logout_redirect.do?sysparm_url=//j%5c%5cjavascript%3aalert(document.domain)
2. XSS will be triggered.
## Suggested Mitigation/Remediation Actions
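As an added example (not the page's code and not part of either HackerOne report), a server-side check for a logout-redirect parameter of the kind that rejects the encoded payload quoted in the reports: it decodes, normalises backslashes to slashes as browsers do, and then allows only a same-site relative path or an absolute http(s) URL to an allow-listed host. The host in `ALLOWED_HOSTS` is an assumed value.

```python
from urllib.parse import unquote, urlsplit

# Assumed value for the example: the instance's own host name (not from the page).
ALLOWED_HOSTS = {"instance.example.com"}


def canonicalize(raw: str) -> str:
    """Undo the wrapping a redirect parameter commonly arrives in before checking it.

    The public PoC for CVE-2022-38463 percent-encodes the backslash ('%5c') and
    colon ('%3a'); browsers treat '\\' like '/' in URLs, so both are normalised
    before any scheme or host check. Whitespace and control characters, which
    some URL parsers skip inside a scheme, are dropped as well.
    """
    s = raw
    for _ in range(3):  # bounded: collapse double/triple percent-encoding
        decoded = unquote(s)
        if decoded == s:
            break
        s = decoded
    s = "".join(ch for ch in s if ch.isprintable() and not ch.isspace())
    return s.replace("\\", "/")


def is_safe_redirect(raw: str) -> bool:
    """Allow only a same-site relative path or an absolute http(s) URL to an allowed host."""
    target = canonicalize(raw)
    if not target:
        return False
    if target.startswith("/"):
        # '//host' and '/\host' are protocol-relative (cross-origin) after normalisation.
        return not target.startswith("//")
    try:
        parts = urlsplit(target)
        host = parts.hostname  # may raise ValueError on malformed IPv6 literals
    except ValueError:
        return False
    if parts.scheme.lower() not in ("http", "https"):
        return False  # rejects javascript:, data:, vbscript: and schemeless input
    return host is not None and host.lower() in ALLOWED_HOSTS


if __name__ == "__main__":
    # Constructed inputs, including the encoded payload from the reports above.
    for candidate in ("/navpage.do",
                      "//j%5c%5cjavascript%3aalert(document.domain)",
                      "https://instance.example.com/login.do",
                      "/%5cevil.example"):
        print(f"{candidate!r:55} -> {is_safe_redirect(candidate)}")
```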