Yoroi

2 exploits Active since May 2017
CVE-2017-7952 EXPLOITDB HIGH text WRITEUP
INFOR EAM V11.0 Build 201410 - SQL Injection via Search Filter Value Parameter
INFOR EAM V11.0 Build 201410 has SQL injection via search fields, related to the filtervalue parameter.
CVSS 8.8
CVE-2017-7953 EXPLOITDB MEDIUM text WORKING POC
INFOR EAM V11.0 Build 201410 - Stored Cross-Site Scripting via Comment Fields
INFOR EAM V11.0 Build 201410 has XSS via comment fields.
CVSS 5.4