Hospitality Guest Access

DATE	CVE	VULNERABILITY TITLE	RISK
2018-01-18	CVE-2015-9251	Cross-site Scripting vulnerability in multiple products jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed. network low complexity jquery oracle CWE-79	6.1
2018-01-18	CVE-2018-2607	Unspecified vulnerability in Oracle Hospitality Guest Access 4.2.1 Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Base). network low complexity oracle	4.9
2018-01-18	CVE-2018-2606	Unspecified vulnerability in Oracle Hospitality Guest Access 4.2.0/4.2.1 Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Base). local low complexity oracle	6.2
2018-01-18	CVE-2018-2604	Unspecified vulnerability in Oracle Hospitality Guest Access 4.2.1 Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Base). network low complexity oracle	7.5
2017-10-19	CVE-2017-10383	Information Exposure vulnerability in Oracle Hospitality Guest Access 4.2.0/4.2.1 Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Interface). network low complexity oracle CWE-200	5.3
2017-10-19	CVE-2017-10375	Unspecified vulnerability in Oracle Hospitality Guest Access 4.2.0/4.2.1 Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Base). network low complexity oracle	4.6
2017-10-19	CVE-2017-10372	Unspecified vulnerability in Oracle Hospitality Guest Access 4.2.0/4.2.1 Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Base). network low complexity oracle	8.7
2017-10-19	CVE-2017-10370	Unspecified vulnerability in Oracle Hospitality Guest Access 4.2.0/4.2.1 Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Base). network low complexity oracle	6.9
2017-10-04	CVE-2017-12617	Unrestricted Upload of File with Dangerous Type vulnerability in multiple products When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. network high complexity apache canonical oracle debian netapp redhat CWE-434	8.1
2017-08-08	CVE-2017-10219	Unspecified vulnerability in Oracle Hospitality Guest Access 4.2.0.0/4.2.1.0 Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Base). local low complexity oracle	5.5