Don’t know what I’m talking about? Go and read this: Data Exposure and ServiceNow: The Elephant in the ITSM Room
This is an oversimplification of the issue. Read the post linked above and the different KB articles provided by ServiceNow to fully understand the issue and the steps you need to take to make sure your instances are protected.
If your ACLs are properly configured, you shouldn’t have any problems and no data will be exposed:
But, at some point, your admins/developers might make a mistake… (triple check that you don’t already have some misconfigurations!!!)
So why don’t you close that door? (unless you really do need the widgets to be public)