{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T04:17:55.486","vulnerabilities":[{"cve":{"id":"CVE-2025-24893","sourceIdentifier":"security-advisories@github.com","published":"2025-02-20T20:15:46.697","lastModified":"2025-10-31T13:17:09.460","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any guest can perform arbitrary remote code execution through a request to `SolrSearch`. This impacts the confidentiality, integrity and availability of the whole XWiki installation. To reproduce on an instance, without being logged in, go to `<host>/xwiki/bin/get/Main/SolrSearch?media=rss&text=%7D%7D%7D%7B%7Basync%20async%3Dfalse%7D%7D%7B%7Bgroovy%7D%7Dprintln%28\"Hello%20from\"%20%2B%20\"%20search%20text%3A\"%20%2B%20%2823%20%2B%2019%29%29%7B%7B%2Fgroovy%7D%7D%7B%7B%2Fasync%7D%7D%20`. If there is an output, and the title of the RSS feed contains `Hello from search text:42`, then the instance is vulnerable. This vulnerability has been patched in XWiki 15.10.11, 16.4.1 and 16.5.0RC1. Users are advised to upgrade. Users unable to upgrade may edit `Main.SolrSearchMacros` in `SolrSearchMacros.xml` on line 955 to match the `rawResponse` macro in `macros.vm#L2824` with a content type of `application/xml`, instead of simply outputting the content of the feed."},{"lang":"es","value":"XWiki Platform es una plataforma wiki genérica que ofrece servicios de ejecución para aplicaciones creadas sobre ella. Cualquier invitado puede ejecutar código remoto arbitrario mediante una solicitud a `SolrSearch`. Esto afecta la confidencialidad, integridad y disponibilidad de toda la instalación de XWiki. Para reproducir en una instancia sin iniciar sesión, vaya a `/xwiki/bin/get/Main/SolrSearch?media=rss&amp;text=%7D%7D%7D%7B%7Basync%20async%3Dfalse%7D%7D%7B%7Bgroovy%7D%7Dprintln%28\"Hello%20from\"%20%2B%20\"%20search%20text%3A\"%20%2B%20%2823%20%2B%2019%29%29%7B%7B%2Fgroovy%7D%7D%7B%7B%2Fasync%7D%7D%20`. Si hay una salida y el título de la fuente RSS contiene `Hello from search text:42`, entonces la instancia es vulnerable. Esta vulnerabilidad ha sido corregida en XWiki 15.10.11, 16.4.1 y 16.5.0RC1. Se recomienda a los usuarios que actualicen. Los usuarios que no puedan actualizar pueden editar `Main.SolrSearchMacros` en `SolrSearchMacros.xml` en la línea 955 para que coincida con la macro `rawResponse` en `macros.vm#L2824` con un tipo de contenido de `application/xml`, en lugar de simplemente mostrar el contenido de la fuente."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"cisaExploitAdd":"2025-10-30","cisaActionDue":"2025-11-20","cisaRequiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","cisaVulnerabilityName":"XWiki Platform Eval Injection Vulnerability","weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-95"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4","versionEndExcluding":"15.10.11","matchCriteriaId":"A9F2AD2E-CF5D-46D1-AFB8-2E9529C8E8D4"},{"vulnerable":true,"criteria":"cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0.0","versionEndExcluding":"16.4.1","matchCriteriaId":"5921C493-2A56-49BC-8763-7D12518C0DC2"},{"vulnerable":true,"criteria":"cpe:2.3:a:xwiki:xwiki:5.3:-:*:*:*:*:*:*","matchCriteriaId":"F5CC1FB7-2BAD-4413-9955-02E06BA27305"},{"vulnerable":true,"criteria":"cpe:2.3:a:xwiki:xwiki:5.3:milestone2:*:*:*:*:*:*","matchCriteriaId":"067AAD11-1AB2-4688-8D81-F2464CD2FA14"},{"vulnerable":true,"criteria":"cpe:2.3:a:xwiki:xwiki:5.3:rc1:*:*:*:*:*:*","matchCriteriaId":"F2FCE7B4-E701-4C07-B4A9-31EC6C25F882"}]}]}],"references":[{"url":"https://github.com/xwiki/xwiki-platform/blob/568447cad5172d97d6bbcfda9f6183689c2cf086/xwiki-platform-core/xwiki-platform-search/xwiki-platform-search-solr/xwiki-platform-search-solr-ui/src/main/resources/Main/SolrSearchMacros.xml#L955","source":"security-advisories@github.com","tags":["Product"]},{"url":"https://github.com/xwiki/xwiki-platform/blob/67021db9b8ed26c2236a653269302a86bf01ef40/xwiki-platform-core/xwiki-platform-web/xwiki-platform-web-templates/src/main/resources/templates/macros.vm#L2824","source":"security-advisories@github.com","tags":["Product"]},{"url":"https://github.com/xwiki/xwiki-platform/commit/67021db9b8ed26c2236a653269302a86bf01ef40","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-rr6p-3pfg-562j","source":"security-advisories@github.com","tags":["Vendor Advisory"]},{"url":"https://jira.xwiki.org/browse/XWIKI-22149","source":"security-advisories@github.com","tags":["Exploit","Issue Tracking","Vendor Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-24893","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}]}}]}