PT-2024-4958 · IBM · IBM Datacap Navigator
Published: 2024-07-12 · Updated: 2024-07-16 · CVE-2024-39736
CVSS v2.0: 10 (Critical)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions:
IBM Datacap Navigator versions 9.1.5 through 9.1.9
Description:
The issue is caused by improper validation of the Host header in HTTP requests, which could allow a remote attacker to conduct various attacks, including cross-site scripting, cache poisoning, or session hijacking.
Recommendations:
For versions 9.1.5 through 9.1.9, update to a version that properly validates the Host header, to prevent HTTP header injection attacks.
As a temporary workaround, consider restricting access to the vulnerable system to minimize the risk of exploitation.
Fix
Improper Encoding or Escaping of Output
Related Identifiers
Affected Products
IBM Datacap Navigator