CVE-2024-55930

Medium CVSS: 6.7

Xerox Workplace Suite has weak default folder permissions that allow unauthorized users to access, modify, or delete files

Vendor

Product

CWE

Yayın Tarihi

2025-01-23 18:15:32

Güncelleme

2026-01-30 21:30:28

Source Identifier

10b61619-3869-496c-8a1e-f291b0e71e3f

KEV Date Added

CWE-276 Workplace Suite MEDIUM Xerox 2025

High

CVE-2026-2252

An XML External Entity (XXE) vulnerability allows malicious user to perform Server-Side Request Forgery (SSRF) via craft…

Critical

CVE-2026-2251

Improper limitation of a pathname to a restricted directory (Path Traversal) vulnerability in Xerox FreeFlow Core allows…

Medium

CVE-2026-1769

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Xerox Centr…

Critical

CVE-2025-8356

In Xerox FreeFlow Core version 8.0.4, an attacker can exploit a Path Traversal vulnerability to access unauthorized file…

High

CVE-2025-8355

In Xerox FreeFlow Core version 8.0.4, improper handling of XML input allows injection of external entities. An attacker…

Medium

CVE-2024-55931

Xerox Workplace Suite stores tokens in session storage, which may expose them to potential access if a user's session is…