Vulnerabilities > Hcltech > Traveler
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-15 | CVE-2022-27561 | Cross-site Scripting vulnerability in Hcltech Traveler 10.0.0.0/12.0.1.0/12.0.1.1 There is a reflected Cross-Site Scripting vulnerability in the HCL Traveler web admin (LotusTraveler.nsf). | 4.8 |
| 2022-06-01 | CVE-2021-27778 | Cross-site Scripting vulnerability in Hcltech Traveler 10.0.0.0/12.0.1.0 HCL Traveler is vulnerable to a cross-site scripting (XSS) caused by improper validation of the Name parameter for Approved Applications in the Traveler administration web pages. | 4.8 |
| 2019-10-18 | CVE-2019-4409 | Cross-site Scripting vulnerability in Hcltech Traveler HCL Traveler versions 9.x and earlier are susceptible to cross-site scripting attacks. | 5.4 |