Vulnerabilities > Hcltech > Traveler

DATE CVE VULNERABILITY TITLE RISK
2022-09-15 CVE-2022-27561 Cross-site Scripting vulnerability in Hcltech Traveler 10.0.0.0/12.0.1.0/12.0.1.1
There is a reflected Cross-Site Scripting vulnerability in the HCL Traveler web admin (LotusTraveler.nsf).
network
low complexity
hcltech CWE-79
4.8
2022-06-01 CVE-2021-27778 Cross-site Scripting vulnerability in Hcltech Traveler 10.0.0.0/12.0.1.0
HCL Traveler is vulnerable to a cross-site scripting (XSS) caused by improper validation of the Name parameter for Approved Applications in the Traveler administration web pages.
network
low complexity
hcltech CWE-79
4.8
2019-10-18 CVE-2019-4409 Cross-site Scripting vulnerability in Hcltech Traveler
HCL Traveler versions 9.x and earlier are susceptible to cross-site scripting attacks.
network
low complexity
hcltech CWE-79
5.4