Lucene search
K

5 matches found

NVD
NVD
added 2026/01/20 4:16 p.m.8 views

CVE-2025-65482

An XML External Entity XXE vulnerability in opensagres XDocReport v0.9.2 to v2.0.3 allows attackers to execute arbitrary code via uploading a crafted .docx file...

9.8CVSS0.00492EPSS
Exploits1References5
Snyk
Snyk
added 2026/01/20 3:44 p.m.4 views

XML External Entity (XXE) Injection

Overview Affected versions of this package are vulnerable to XML External Entity XXE Injection via the XML parsing process. An attacker can execute arbitrary code by uploading a specially crafted .docx file containing malicious XML entities. Details XXE Injection is a type of attack against an...

9.8CVSS6.3AI score0.00492EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/01/20 12:0 a.m.4 views

CVE-2025-65482

An XML External Entity XXE vulnerability in opensagres XDocReport v0.9.2 to v2.0.3 allows attackers to execute arbitrary code via uploading a crafted .docx file...

9.8CVSS5.9AI score0.00492EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/01/20 12:0 a.m.5 views

PT-2026-3629

Name of the Vulnerable Software and Affected Versions opensagres XDocReport versions 0.9.2 through 2.0.3 Description An XML External Entity XXE issue exists in opensagres XDocReport. Successful exploitation allows attackers to execute arbitrary code by uploading a specially crafted .docx file. Th...

9.8CVSS5.8AI score0.00492EPSS
Exploits1References14
OSV
OSV
added 2026/01/20 12:0 a.m.4 views

CVE-2025-65482

An XML External Entity XXE vulnerability in opensagres XDocReport v0.9.2 to v2.0.3 allows attackers to execute arbitrary code via uploading a crafted .docx file...

9.8CVSS6AI score0.00492EPSS
Exploits1References7
Rows per page
Query Builder