Opensagres Xdocreport
2 CVEs affecting Opensagres Xdocreport. Latest disclosed: 2026-01-20. Critical: 2, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-65482 | Critical | 9.8 | 2026-01-20 | An XML External Entity (XXE) vulnerability in opensagres XDocReport v0.9.2 to v2.0.3 allows attackers to execute arbitrary code via uploading a crafted .docx f… |
CVE-2025-64087 | Critical | 9.8 | 2026-01-20 | A Server-Side Template Injection (SSTI) vulnerability in the FreeMarker component of opensagres XDocReport v1.0.0 to v2.1.0 allows attackers to execute arbitra… |