HCL Traveler is susceptible to a Reflected Cross-Site Scripting vulnerability in the web admin (LotusTraveler.nsf)
CVE-2022-27561

7.5HIGH

Key Information:

Vendor

Hcl Software
Status
Hcl Traveler
Vendor
CVE Published:
15 September 2022

What is CVE-2022-27561?

There is a reflected Cross-Site Scripting vulnerability in the HCL Traveler web admin (LotusTraveler.nsf).

Affected Version(s)

HCL Traveler 12.1.1 and prior

References

https://support.hcltechsw.com/csm?id=kb_article&sysparm_a...
x_refsource_MISC

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.