Control By Web X-400 devices are vulnerable to a cross-site scripting attack, which could result in private and session information being transferred to the attacker.
Credits
Floris Hendriks and Jeroen Wijenbergh of Radboud University reported these vulnerabilities to Control By Web.
