Dorsett Controls Central Server update server has potential informationleaks with an unprotected file that contains passwords and API keys.
7.5CVSS
5.3AI Score
0.001EPSS
The InfoScan client download page can be intercepted with a proxy, toexpose filenames located on the system, which could lead to additionalinformation exposure.
5.3CVSS
5.3AI Score
0.0005EPSS
Dorsett Controls InfoScan is vulnerable due to a leak of possiblesensitive information through the response headers and the renderedJavaScript prior to user login.
5.3CVSS
5.2AI Score
0.0005EPSS