Security
Headlines

Headlines Latest CVEs

Headline

GHSA-7jc7-g598-2p64: XDocReport affected by an XML External Entity (XXE) vulnerability

An XML External Entity (XXE) vulnerability in opensagres XDocReport v0.9.2 to v2.0.3 allows attackers to execute arbitrary code via uploading a crafted .docx file.

7 days ago

#vulnerability #git #java #intel #maven

Skip to content

Navigation Menu

- AI CODE CREATION
  - GitHub CopilotWrite better code with AI
  - GitHub SparkBuild and deploy intelligent apps
  - GitHub ModelsManage and compare prompts
  - MCP RegistryNewIntegrate external tools

View all features

Pricing

Provide feedback

Saved searches****Use saved searches to filter your results more quickly

Sign up

Appearance settings

GitHub Advisory Database
GitHub Reviewed
CVE-2025-65482

XDocReport affected by an XML External Entity (XXE) vulnerability

Critical severity GitHub Reviewed Published Jan 20, 2026 to the GitHub Advisory Database • Updated Jan 21, 2026

Package

maven fr.opensagres.xdocreport:fr.opensagres.xdocreport.document (Maven)

Affected versions

>= 0.9.2, < 2.0.4

Description

Published to the GitHub Advisory Database

Jan 20, 2026

Last updated

Jan 21, 2026

EPSS score

ghsa: Latest News

GHSA-j4rc-96xj-gvqc: phpMyFAQ: Public API endpoints expose emails and invisible questions

4 days ago

GHSA-wm8h-26fv-mg7g: phpMyFAQ: /api/setup/backup accessible to any authenticated user (authz missing)

4 days ago

GHSA-7p9h-m7m8-vhhv: phpMyFAQ: Attachment download allowed without dlattachment right (broken access control)

4 days ago

GHSA-w7rq-fgx4-4xcm: LavaLite CMS affected by a stored cross-site scripting vulnerability

4 days ago

GHSA-mxc8-4jqf-368q: miniserve affected by a TOCTOU and symlink race vulnerability

4 days ago