CNNVD-202508-761 Information

CNNVD ID

CNNVD-202508-761

Related CVE

CVE-2025-8355

• CNNVD Published: 2025-08-08

Description (Chinese)

Xerox FreeFlow Core是美国施乐（Xerox）公司的一款灵活易用的软件。 Xerox FreeFlow Core 8.0.4版本存在安全漏洞，该漏洞源于XML输入处理不当，可能导致服务端请求伪造。

Description (English)

Xerox FreeFlow Core is a flexible and easy-to-use software for Xerox. There is a security gap in Xerox FreeFlow Core version 8.4, which stems from the mishandling of XML input, which may lead to forgery of service-level requests.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

施乐

Published

2025-08-08

Last Modified

2026-02-24

References

https://securitydocs.business.xerox.com/wp-content/uploads/2025/08/Xerox-Security-Bulletin-025-013-for-Freeflow-Core-8.0.5.pdf

Patch

https://securitydocs.business.xerox.com/wp-content/uploads/2025/08/Xerox-Security-Bulletin-025-013-for-Freeflow-Core-8.0.5.pdf