SNOW-22.1: SSRF via Dynamic RESTMessageV2 Endpoint
๐จ Critical ยท ServiceNow SSRF
Detects agent scripts using sn_ws.RESTMessageV2 with dynamic endpoint parameters derived from user input, enabling SSRF against internal services.
Detailsโ
| Field | Value |
|---|---|
| Rule ID | SNOW-22.1 |
| Severity | Critical |
| Category | ServiceNow SSRF |
| Platforms | servicenow |
Remediationโ
Refer to the SquireX documentation for
remediation guidance specific to SNOW-22.1.