📦 Workplace Suite

A vulnerability in Xerox Workplace Suite allows attackers to read, upload, and delete arbitrary files on the server by manipulating HTTP headers. This occurs due to improper validation of header input...

This vulnerability in Xerox Workplace Suite allows attackers to predict or forge authentication tokens due to flawed token generation and hard-coded cryptographic keys. This enables unauthorized acces...

This vulnerability allows attackers to bypass API host restrictions in Xerox Workplace Suite by forging Host headers. Attackers can access sensitive API endpoints that should be restricted to specific...

Xerox Workplace Suite stores sensitive secrets like passwords and API keys in unencrypted plain text, making them accessible to attackers who can read local files or intercept network traffic. This af...

Xerox Workplace Suite has insecure default folder permissions that allow unauthorized users to access, modify, or delete files within the application's directories. This affects organizations using vu...