Nov. 13, 2023, 8 p.m. | Emile Antone

Security Boulevard securityboulevard.com

On October 18, 2023, ServiceNow acknowledged a potential security issue stemming from misconfigurations of Simple List, a widget used simply to retrieve and display data within the Service Portal. This particular vulnerability had been discovered and documented a few days prior by security engineer Aaron Costello through an in-depth blog post. The objective of this […]


The post Are Your ServiceNow ACLs Publicly Exposing Data? appeared first on Obsidian Security.


The post Are Your ServiceNow ACLs Publicly Exposing Data? …

aaron blog blog post data display engineer exposing featured issue list misconfigurations october portal security security advisories security engineer service servicenow simple vulnerability

Information Security Engineers

@ D. E. Shaw Research | New York City

Security Operations Analyst | Connected Technology Group

@ KPMG Australia | Melbourne, Australia

Database Security Engineer Lead, Vice President

@ MUFG | Tampa - 4050 West Boy Scout Blvd.

Consultant, Offensive Security, Cyber Risk

@ Kroll | New Delhi, India

Ethical hacker / Pentester H/F

@ Hifield | Sèvres, France

Digital Trust Cyber Transformation Consultant

@ KPMG India | Mumbai, Maharashtra, India