Vulnerability Details CVE-2025-64087
A Server-Side Template Injection (SSTI) vulnerability in the FreeMarker component of opensagres XDocReport v1.0.0 to v2.1.0 allows attackers to execute arbitrary code via injecting crafted template expressions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 27.1%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2025-64087
-
cpe:2.3:a:opensagres:xdocreport:*