CVE-2025-11449 is a reflected cross-site scripting (XSS) vulnerability classified under CWE-79, found in the ServiceNow AI Platform. This vulnerability arises from improper neutralization of user input during web page generation, allowing an attacker to inject malicious scripts into web pages viewed by other users. When a ServiceNow user clicks on a specially crafted link containing malicious payloads, the injected script executes in their browser context. This can lead to arbitrary code execution, session hijacking, or theft of sensitive information accessible within the user's session. The vulnerability does not require any privileges or authentication and can be exploited remotely with low attack complexity, but it requires user interaction (clicking the malicious link). ServiceNow has addressed this issue by deploying security updates across most hosted instances and providing patches and hotfixes to self-hosted customers and partners. The CVSS v4.0 base score is 5.3, reflecting a medium severity level due to the combination of remote exploitability and user interaction requirement. No known exploits have been reported in the wild yet. The vulnerability affects all versions of the ServiceNow AI Platform prior to the patch. Given the widespread use of ServiceNow in enterprise environments, this vulnerability poses a risk to organizations relying on the platform for IT service management and AI-driven workflows.

For European organizations, this vulnerability poses a moderate risk primarily to the confidentiality and integrity of user sessions within the ServiceNow AI Platform. Successful exploitation could allow attackers to execute arbitrary scripts in the context of authenticated users, potentially leading to session hijacking, unauthorized data access, or manipulation of platform workflows. This can disrupt business processes and lead to data breaches, especially in organizations where ServiceNow is integrated with critical IT infrastructure or sensitive data repositories. The requirement for user interaction limits the scope somewhat, but phishing or social engineering campaigns could be used to lure users into clicking malicious links. The impact is heightened in sectors such as finance, healthcare, and government, where ServiceNow is commonly used and where data sensitivity is high. Additionally, the AI Platform’s integration with automated workflows could amplify the consequences of exploitation if malicious scripts trigger unauthorized actions. Although no active exploits are known, the medium severity rating and the platform’s critical role in enterprise environments warrant prompt remediation to avoid potential targeted attacks.

European organizations using the ServiceNow AI Platform should immediately apply the security updates and patches released by ServiceNow to remediate CVE-2025-11449. For self-hosted instances or uniquely configured environments, coordinate with ServiceNow support to ensure all relevant hotfixes are applied. Implement strict input validation and output encoding on any custom integrations or extensions interacting with the platform to reduce XSS risks. Educate users on the dangers of clicking unsolicited or suspicious links, especially those purporting to be from internal IT or ServiceNow communications, to mitigate social engineering vectors. Employ web security controls such as Content Security Policy (CSP) headers to restrict script execution sources and reduce the impact of potential XSS attacks. Monitor logs and user activity for unusual behavior that could indicate exploitation attempts. Regularly review and update incident response plans to include scenarios involving web application vulnerabilities like reflected XSS. Finally, maintain up-to-date asset inventories to quickly identify and patch all affected ServiceNow instances across the organization.