THREATOPS
THREAT OPSCVEs › CVE-2025-24893

CVE-2025-24893 — XWiki Platform Eval Injection Vulnerability

CISA KEVExploited: confirmedXWiki

XWiki Platform contains an eval injection vulnerability that could allow any guest to perform arbitrary remote code execution through a request to SolrSearch.

Vulnerability details