ServiceNow has disclosed details of a now-patched critical security flaw impacting its ServiceNow AI Platform that could enable an unauthenticated user to impersonate another user and perform arbitrary actions as that user.
The vulnerability, tracked as CVE-2025-12420, carries a CVSS score of 9.3 out of 10.0
"This issue [...] could enable an unauthenticated user to impersonate another user and

Recommended Comments
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.