Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Path Traversal leading to Remote Code Execution (RCE)
Vulnerability Description
Improper limitation of a pathname to a restricted directory (Path Traversal) vulnerability in Xerox FreeFlow Core allows unauthorized path traversal leading to RCE. This issue affects Xerox FreeFlow Core versions up to and including 8.0.7. Please consider upgrading to FreeFlow Core version 8.1.0 via the software available on - https://www.support.xerox.com/en-us/product/core/downloads https://www.support.xerox.com/en-us/product/core/downloads
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Xerox FreeFlow Core 安全漏洞
Vulnerability Description
Xerox FreeFlow Core是美国施乐(Xerox)公司的一款灵活易用的软件。 Xerox FreeFlow Core 8.0.7及之前版本存在安全漏洞,该漏洞源于路径名限制不当,可能导致未经授权的路径遍历并引发远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A