6 matches found
CVE-2025-8355
creationtimestamp| type| source ---|---|--- 2025-08-11 11:21:56+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lw4okhoabkr2 2025-08-11 11:40:37+00:00| seen|...
CVE-2025-8355
In Xerox FreeFlow Core version 8.0.4, improper handling of XML input allows injection of external entities. An attacker can craft malicious XML containing references to internal URLs, this results in a Server-Side Request Forgery SSRF...
CVE-2025-8355
In Xerox FreeFlow Core version 8.0.4, improper handling of XML input allows injection of external entities. An attacker can craft malicious XML containing references to internal URLs, this results in a Server-Side Request Forgery SSRF...
CVE-2025-8355
CVE-2025-8355 affects Xerox FreeFlow Core 8.0.4. It is an XML parsing XXE issue that enables SSRF by referencing internal URLs in crafted XML sent to jmfclient.jar. CVSS metrics point to HIGH impact with potential confidentiality exposure but no explicit code integrity/availability impact. Xerox ...
CVE-2025-8355 XXE leading to SSRF
In Xerox FreeFlow Core version 8.0.4, improper handling of XML input allows injection of external entities. An attacker can craft malicious XML containing references to internal URLs, this results in a Server-Side Request Forgery SSRF...
CVE-2025-8355 XXE leading to SSRF
In Xerox FreeFlow Core version 8.0.4, improper handling of XML input allows injection of external entities. An attacker can craft malicious XML containing references to internal URLs, this results in a Server-Side Request Forgery SSRF...