From threatpost.com
CISA warns the leading enterprise document management platform is open to attack and urges companies to apply fixes.
Xerox issued a fix for two vulnerabilities impacting its market-leading DocuShare enterprise document management platform. The bugs, if exploited, could expose DocuShare users to an attack resulting in the loss of sensitive data.
On Wednesday, the Cybersecurity and Infrastructure Security Agency (CISA) issued a security bulletin urging users and administrators to apply a patch that plugged two security holes in recently released versions (6.6.1, 7.0, and 7.5) of Xerox’s DocuShare. The vulnerability is rated important.