Xerox issued a fix for two vulnerabilities impacting its DocuShare enterprise document management platform. The bugs, if exploited, could expose users to an attack resulting in the loss of sensitive data. Xerox did not share the specifics of the bugs or possible attack scenarios. The vulnerabilities open Solaris, Linux and Windows DucuShare users up to both a server-side request forgery (SSRF) attack and an unauthenticated external XML entity injection attack (XXE) A successful XXE attack would allow a cybercriminal to gain access to confidential data.”]