Product
hcltech traveler
9 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-21783
CVE-2025-0279
CVE-2025-0278
CVE-2025-1773
CVE-2025-1771
CVE-2022-27561
CVE-2021-27778
CVE-2019-4409
CVE-2016-3039
< 14.5.1.0
HCL Traveler is affected by sensitive information disclosure. The application generates some error messages that provide detaile
<= 14.0.0.1
HCL Traveler generates some error messages that provide detailed information about errors and failures, such as internal paths, fi
<= 14.0.0.1
HCL Traveler is affected by an internal path disclosure in a Windows application when the application inadvertently reveals intern
< 3.1.9
The Traveler theme for WordPress is vulnerable to Reflected Cross-Site Scripting via multiple parameters in all versions up to, an
< 3.1.9
The Traveler theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.1.8 via the 'hotel_
< 12.0.1.2
There is a reflected Cross-Site Scripting vulnerability in the HCL Traveler web admin (LotusTraveler.nsf).
<= 12.0.1.0
HCL Traveler is vulnerable to a cross-site scripting (XSS) caused by improper validation of the Name parameter for Approved Applic
< 10.0.0.0
HCL Traveler versions 9.x and earlier are susceptible to cross-site scripting attacks. On the Problem Report page of the Traveler
all versions
IBM Traveler 8.x and 9.x before 9.0.1.12 allows remote authenticated users to read arbitrary files or cause a denial of service (m