Enterprise Asset Management Security Vulnerabilities - February

CVE-2017-7952

INFOR EAM V11.0 Build 201410 has SQL injection via search fields, related to the filtervalue parameter.

CVE-2017-7953

INFOR EAM V11.0 Build 201410 has XSS via comment fields.