Vulnerabilities > Computrols > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-24 | CVE-2019-10848 | Information Exposure Through Discrepancy vulnerability in Computrols Building Automation Software Computrols CBAS 18.0.0 allows Username Enumeration. | 5.3 |
| 2019-05-23 | CVE-2019-10846 | Cross-site Scripting vulnerability in Computrols Building Automation System Computrols CBAS 18.0.0 allows Unauthenticated Reflected Cross-Site Scripting vulnerabilities in the login page and password reset page via the username GET parameter. | 6.1 |
| 2019-05-23 | CVE-2019-10851 | Use of Hard-coded Credentials vulnerability in Computrols Building Automation Software Computrols CBAS 18.0.0 has hard-coded encryption keys. | 6.5 |