IBM Connections 5.0, 5.5, and 6.0 is vulnerable to possible host header injection attack that could cause navigation to the attacker's domain. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.
A cross-site scripting (XSS) flaw was found in the foreman component of satellite. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity.
Philips HealthSuite Health Android App, all versions. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.