ServiceNow patches critical security flaw allowing user impersonation

This issue [...] could enable an unauthenticated user to impersonate another user and perform the operations that the ...
The Hacker News

ServiceNow Patches Critical AI Platform Flaw Allowing Unauthenticated User Impersonation

ServiceNow fixed CVE-2025-12420, a critical flaw that let unauthenticated attackers impersonate users on its AI Platform.