An issue exists in cmseasy v7.0.0 that allows user credentials to be sent in clear text due to no encryption of form data.
cmseasy cmseasy 7.0