7 matches found
CVE-2017-7953
INFOR EAM V11.0 Build 201410 has XSS via comment fields...
CVE-2017-7953
INFOR EAM V11.0 Build 201410 has XSS via comment fields...
Design/Logic Flaw
INFOR EAM V11.0 Build 201410 has XSS via comment fields...
Sql injection
INFOR EAM V11.0 Build 201410 has SQL injection via search fields, related to the filtervalue parameter...
CVE-2017-7952
INFOR EAM V11.0 Build 201410 contains an SQL injection in search/filter functionality related to the filtervalue parameter. Multiple connected sources (e.g., CVE-2017-7952 records, exploitation writeups, CNVD/PRION entries) describe a vulnerability where user-controlled filtervalue can be crafted...
CVE-2017-7953
INFOR EAM V11.0 Build 201410 has XSS via comment fields...
CVE-2017-7953
CVE-2017-7953 concerns INFOR EAM v11.0 Build 201410, which is affected by a stored cross-site scripting (XSS) vulnerability in the comments feature. The connected sources describe injecting JavaScript into the Comments tab to trigger XSS for any authenticated user who views a comment, enabling po...