CVE-2025-8355

Name of the Vulnerable Software and Affected Versions Xerox FreeFlow Core version 8.0.4

Description Improper handling of XML input allows injection of external entities, leading to a Server-Side Request Forgery (SSRF). An attacker can craft malicious XML containing references to internal URLs to exploit this issue.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.