CVE-2026-1769

Medium CVSS: 5.3

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Xerox CentreWare on Windows allows Stored XSS.This issue affects CentreWare: through 7.0.6.

Consider
upgrading Xerox® CentreWare Web® to v7.2.2.25 via the software available on Xerox.com

Vendor

Xerox

Product

Centreware Web

CWE

CWE-79

Yayın Tarihi

2026-02-06 18:15:56

Güncelleme

2026-02-24 20:58:11

Source Identifier

10b61619-3869-496c-8a1e-f291b0e71e3f

KEV Date Added

Kategoriler

CWE-79 Centreware Web MEDIUM Xerox 2026

Referanslar

https://securitydocs.business.xerox.com/wp-content/uploads/2026/02/Xerox-Security-Bulletin-XRX26-003-for-Xerox-CentreWare-Web.pdf

Benzer Kayıtlar

High

CVE-2026-2252

An XML External Entity (XXE) vulnerability allows malicious user to perform Server-Side Request Forgery (SSRF) via craft…

Critical

CVE-2026-2251

Improper limitation of a pathname to a restricted directory (Path Traversal) vulnerability in Xerox FreeFlow Core allows…

Critical

CVE-2025-8356

In Xerox FreeFlow Core version 8.0.4, an attacker can exploit a Path Traversal vulnerability to access unauthorized file…

High

CVE-2025-8355

In Xerox FreeFlow Core version 8.0.4, improper handling of XML input allows injection of external entities. An attacker…

Medium

CVE-2024-55931

Xerox Workplace Suite stores tokens in session storage, which may expose them to potential access if a user's session is…

Medium

CVE-2024-55928

Xerox Workplace Suite exposes sensitive secrets in clear text, both locally and remotely. This vulnerability allows atta…