THREAT OPS › CVEs › CVE-2025-24893
CVE-2025-24893 — XWiki Platform Eval Injection Vulnerability
XWiki Platform contains an eval injection vulnerability that could allow any guest to perform arbitrary remote code execution through a request to SolrSearch.
Vulnerability details
- Affected productsPlatform
- KEV remediation due2025-11-20