CVE-2019-10846 (computrols_building_automation_software)

Computrols CBAS 18.0.0 allows Unauthenticated Reflected Cross-Site Scripting vulnerabilities in the login page and password reset page via the username GET parameter.
Source: NIST
CVE-2019-10846 (computrols_building_automation_software)