CVE-2024-55931

Medium CVSS: 6.5

Xerox Workplace Suite stores tokens in session storage, which may expose them to potential access if a user's session is compromised.

The patch for this vulnerability will be included in a future release of Workplace Suite, and customers will be notified through an update to the security bulletin.

Vendor

Xerox

Product

Workplace Suite

CWE

CWE-922

Yayın Tarihi

2025-01-27 12:15:27

Güncelleme

2026-01-30 21:30:11

Source Identifier

10b61619-3869-496c-8a1e-f291b0e71e3f

KEV Date Added

Kategoriler

CWE-922 Workplace Suite MEDIUM Xerox 2025

Referanslar

https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-002-for-Xerox%C2%AE-WorkplaceSuite%C2%AE.pdf

Benzer Kayıtlar

High

CVE-2026-2252

An XML External Entity (XXE) vulnerability allows malicious user to perform Server-Side Request Forgery (SSRF) via craft…

Critical

CVE-2026-2251

Improper limitation of a pathname to a restricted directory (Path Traversal) vulnerability in Xerox FreeFlow Core allows…

Medium

CVE-2026-1769

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Xerox Centr…

Critical

CVE-2025-8356

In Xerox FreeFlow Core version 8.0.4, an attacker can exploit a Path Traversal vulnerability to access unauthorized file…

High

CVE-2025-8355

In Xerox FreeFlow Core version 8.0.4, improper handling of XML input allows injection of external entities. An attacker…

Medium

CVE-2024-55928

Xerox Workplace Suite exposes sensitive secrets in clear text, both locally and remotely. This vulnerability allows atta…