Medscape - Customized SSL, Dangerous filesystem permissions, Exported ContentProvider vulnerabilities

HackApp vulnerability scanner discovered that application Medscape published at the 'play' market has multiple vulnerabilities...

Medscape MedPulse - Dangerous filesystem permissions, Hardcoded secrets, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Medscape MedPulse published at the 'play' market has multiple vulnerabilities...

search.medscape.com XSS vulnerability

Vulnerable URL: http://search.medscape.com/search/?q=%22%3C/%3E%3Cscript%3Ealert%28%27XSSPOSED%27%29;%3C/script%3E& Details: Description| Value ---|--- Patched:| Yes, at 26.07.2017 Latest check for patch:| 26.07.2017 09:27 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Ale...

profreg.medscape.com XSS vulnerability

Open Bug Bounty ID: OBB-102573 Description| Value ---|--- Affected Website:| profreg.medscape.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention...