CVE-2024-55969

Name of the Vulnerable Software and Affected Versions Syncfusion Essential Studio for ASP.NET MVC versions prior to 27.1.55

Description The issue occurs when resaving a DOCX document with an external reference XML, resulting in an XMLException. This problem is present in the DocIO feature of Syncfusion Essential Studio for ASP.NET MVC.

Recommendations For versions prior to 27.1.55, update to version 27.1.55 or later to resolve the issue. As a temporary workaround, consider avoiding the resaving of DOCX documents with external reference XML until a patch is available. Restrict access to the DocIO feature to minimize the risk of exploitation.