AT190510-Cuong/CVE-2025-64087-SSTI-

Releases0

Stars1

CVE-2025-64087 (SSTI)

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-64087 ↗	Jan 20, 2026Tuesday, 20 January 2026, 16:16	9.8 CRITICAL	—
A Server-Side Template Injection (SSTI) vulnerability in the FreeMarker component of opensagres XDocReport v1.0.0 to v2.1.0 allows attackers to execute arbitrary code via injecting crafted template expressions.