CVE-2020-11022 | Oracle Hospitality Simphony up to 18.1/18.2/19.1.2 Simphony Apps cross site scripting (EDB-49766 / Nessus ID 209233)
A vulnerability classified as critical has been found in Oracle Hospitality Simphony up to 18.1/18.2/19.1.2. Affected is an unknown function of the component Simphony Apps. The manipulation leads to cross site scripting.
This vulnerability is traded as CVE-2020-11022. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.