Workplace Suite CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-55930	1 Xerox	1 Workplace Suite	2026-01-30	6.7 Medium
Xerox Workplace Suite has weak default folder permissions that allow unauthorized users to access, modify, or delete files
CVE-2024-55931	1 Xerox	1 Workplace Suite	2026-01-30	6.5 Medium
Xerox Workplace Suite stores tokens in session storage, which may expose them to potential access if a user's session is compromised. The patch for this vulnerability will be included in a future release of Workplace Suite, and customers will be notified through an update to the security bulletin.
CVE-2024-55929	1 Xerox	1 Workplace Suite	2026-01-30	5.3 Medium
A mail spoofing vulnerability in Xerox Workplace Suite allows attackers to forge email headers, making it appear as though messages are sent from trusted sources.

Page 1 of 1.