Digitalstrom Konfigurator version 1.10.0 suffers from cross site request forgery and cross site scripting vulnerabilities.