CVE-2025-64087

Publication date

2026-01-20 00:00:00

Family

mitre

State

PUBLISHED

Description

A Server-Side Template Injection (SSTI) vulnerability in the FreeMarker component of opensagres XDocReport v1.0.0 to v2.1.0 allows attackers to execute arbitrary code via injecting crafted template expressions.