Hospitality Simphony Security Vulnerabilities and Issues — Hospitality Simphony CVE List

Lucene search

OracleHospitality Simphony

7 matches found

CVE•added 2020/04/29 10:15 p.m.•6949 views

CVE-2020-11022

In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

6.9CVSS7.2AI score0.02566EPSS

CVE•added 2019/04/20 12:29 a.m.•2213 views

CVE-2019-11358

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable proto property, it could extend the native Object.prototype.

6.1CVSS6.4AI score0.01294EPSS

CVE•added 2017/10/19 5:29 p.m.•46 views

CVE-2017-10344

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Import/Export). Supported versions that are affected are 2.8 and 2.9. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hos...

6.5CVSS6.4AI score0.00777EPSS

CVE•added 2018/04/19 2:29 a.m.•41 views

CVE-2018-2847

Vulnerability in the Oracle Hospitality Simphony First Edition component of Oracle Hospitality Applications (subcomponent: Operations). Supported versions that are affected are 1.6 and 1.7. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Or...

6.5CVSS6.1AI score0.00368EPSS

CVE•added 2017/10/19 5:29 p.m.•38 views

CVE-2017-10343

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Import/Export). Supported versions that are affected are 2.8 and 2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospi...

6.5CVSS6AI score0.01002EPSS

CVE•added 2018/01/18 2:29 a.m.•35 views

CVE-2018-2619

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Security). The supported version that is affected is 2.7. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Simpho...

6.5CVSS6.1AI score0.00429EPSS

CVE•added 2019/01/16 7:30 p.m.•34 views

CVE-2019-2403

Vulnerability in the Oracle Hospitality Simphony component of Oracle Food and Beverage Applications. The supported version that is affected is 2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality Simphony. Successful at...

6.5CVSS5.7AI score0.00588EPSS