CVE-2016-6545

Session cookies are not used for maintaining valid sessions in iTrack Easy. The user's password is passed as a POST parameter over HTTPS using a base64 encoded passwd field on every request. In this implementation, sessions can only be terminated when the user changes the associated password. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt