Xdocreport

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-65482 CRITICAL PATCH Act Now

XDocReport v0.9.2 through v2.0.3 has an XML External Entity (XXE) vulnerability that allows attackers to read arbitrary files, perform SSRF, and potentially achieve remote code execution.

XXE Xdocreport
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-64087 CRITICAL PATCH Act Now

A server-side template injection vulnerability (CWE-1336) with CVSS 9.8 allows remote attackers to execute arbitrary code through crafted template expressions.

RCE Xdocreport
NVD GitHub
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-65482
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

XDocReport v0.9.2 through v2.0.3 has an XML External Entity (XXE) vulnerability that allows attackers to read arbitrary files, perform SSRF, and potentially achieve remote code execution.

XXE Xdocreport
NVD GitHub
CVE-2025-64087
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

A server-side template injection vulnerability (CWE-1336) with CVSS 9.8 allows remote attackers to execute arbitrary code through crafted template expressions.

RCE Xdocreport
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy