EIP-2026-100077
PRE-CVEInfor CRM 8.2.0.1136 - Multiple HTML Script Injection Vulnerabilities
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-100077. PoCs published by LiquidWorm.
AI-analyzed exploit summary This is a technical writeup detailing multiple stored XSS vulnerabilities in Infor CRM 8.2.0.1136. It includes HTTP request examples with malicious payloads in JSON parameters like 'description', 'Location', and 'LongNotes'.
Description
Infor CRM 8.2.0.1136 - Multiple HTML Script Injection Vulnerabilities
Exploits (1)
exploitdb
WRITEUP
by LiquidWorm · textwebappsashx
https://www.exploit-db.com/exploits/39497
This is a technical writeup detailing multiple stored XSS vulnerabilities in Infor CRM 8.2.0.1136. It includes HTTP request examples with malicious payloads in JSON parameters like 'description', 'Location', and 'LongNotes'.
Classification
Writeup 95%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target:
Infor CRM 8.2.0.1136
No auth needed
Prerequisites:
Access to the vulnerable endpoint · Ability to send crafted HTTP requests
MITRE ATT&CK
devstral-2 · analyzed Feb 18, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026