- Description
- XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any guest can perform arbitrary remote code execution through a request to `SolrSearch`. This impacts the confidentiality, integrity and availability of the whole XWiki installation. To reproduce on an instance, without being logged in, go to `<host>/xwiki/bin/get/Main/SolrSearch?media=rss&text=%7D%7D%7D%7B%7Basync%20async%3Dfalse%7D%7D%7B%7Bgroovy%7D%7Dprintln%28"Hello%20from"%20%2B%20"%20search%20text%3A"%20%2B%20%2823%20%2B%2019%29%29%7B%7B%2Fgroovy%7D%7D%7B%7B%2Fasync%7D%7D%20`. If there is an output, and the title of the RSS feed contains `Hello from search text:42`, then the instance is vulnerable. This vulnerability has been patched in XWiki 15.10.11, 16.4.1 and 16.5.0RC1. Users are advised to upgrade. Users unable to upgrade may edit `Main.SolrSearchMacros` in `SolrSearchMacros.xml` on line 955 to match the `rawResponse` macro in `macros.vm#L2824` with a content type of `application/xml`, instead of simply outputting the content of the feed.
- Source
- security-advisories@github.com
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- security-advisories@github.com
- CWE-95
- Hype score
- Not currently trending
#XWiki Platform #RCE (CVE-2025-24893) https://t.co/KqUvbEgNkR
@absholi7ly
5 Mar 2025
136 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
csirt_it: La Settimana Cibernetica del 23 febbraio 2025 🔹aggiornamenti per molteplici prodotti 🔹Xerox: rilevate vulnerabilità in prodotti Versalink 🔹XWiki: PoC per la CVE-2025-24893 🔹Microsoft: sfruttamento attivo in rete della CVE-2025-24989 ⚠️ #E… https://t.co/flACCIWbA4
@Vulcanux_
24 Feb 2025
56 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-24893 ⚠️🔴 CRITICAL (9.8) 🏢 xwiki - xwiki-platform 🏗️ >= 5.3-milestone-2, < 15.10.11 🔗 https://t.co/RehOm4y8aO 🔗 https://t.co/te3FeYPtKq 🔗 https://t.co/xusI78TZ5s 🔗 https://t.co/54P39Imaor 🔗 https://t.co/nT9bq2aQmM #CyberCron #VulnAlert https://t.co/hX7zo
@cybercronai
22 Feb 2025
17 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
csirt_it: ‼ #XWiki: disponibile un #PoC per lo sfruttamento della CVE-2025-24893 tramite #SolrSearch Rischio: 🔴 Tipologia: 🔸 Remote Code Execution 🔗 https://t.co/vdqUriCQoa ⚠ Importante mantenere aggiornati i sistemi https://t.co/vAqkbUEu1W
@Vulcanux_
21 Feb 2025
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New post from https://t.co/uXvPWJy6tj (CVE-2025-24893 | xwiki-platform up to 15.10.10/16.4.0 neutralization of directives (GHSA-rr6p-3pfg-562j)) has been published on https://t.co/COjeYxUMoV
@WolfgangSesin
20 Feb 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-24893: CRITICAL] XWiki Platform vulnerability through `SolrSearch` allows remote code execution leading to data breach. Patched in versions 15.10.11, 16.4.1 and 16.5.0RC1, ensure immediate upgrade.#cybersecurity,#vulnerability https://t.co/J3bofJGM9w https://t.co/0spCC3
@CveFindCom
20 Feb 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes