Bleeping Computer

New ServiceNow flaw lets attackers enumerate restricted data

A new vulnerability in ServiceNow, dubbed Count(er) Strike, allows low-privileged users to extract sensitive data from tables to which they should not have access. ServiceNow is a cloud-based platform ...
GitHub

wojtablo/sn-scoped-app-scanner

A ServiceNow Background Script that performs a comprehensive audit of a scoped application — detecting cross-scope references, dictionary overrides, script inventory, and code quality patterns. Output ...