CVE-2025-64087: XDocReport affected by a Server-Side Template Injection (SSTI) vulnerability

Severity: Critical

CVSS Score: 9.8

A Server-Side Template Injection (SSTI) vulnerability in the FreeMarker component of opensagres XDocReport v1.0.0 to v2.1.0 allows attackers to execute arbitrary code via injecting crafted template expressions.