Aymane Chaki

**Name of the Vulnerable Software and Affected Versions** Plunet BusinessManager version 10.15.1 **Description** An issue in Plunet BusinessManager allows session hijacking, data theft, and unauthorized actions performed on behalf of a user. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Plunet BusinessManager version 10.15.1 **Description** A flaw exists in Plunet BusinessManager that permits unauthorized actions to be carried out with the privileges of authorized users. The issue impacts the application's security by allowing malicious actors to potentially compromise user accounts and perform actions on their behalf. **Recommendations** Update Plunet BusinessManager to a newer version that contains a fix for this vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** VMware NSX (affected versions not specified) **Description** The issue is related to a content spoofing vulnerability. An unauthenticated malicious actor may be able to craft a URL and redirect a victim to an attacker-controlled domain, leading to sensitive information disclosure. This can allow a remote attacker to gain unauthorized access to protected information by substituting a URL. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.