CVE-2025-24893

XWiki Platform Eval Injection Vulnerability

Description

XWiki Platform contains an eval injection vulnerability that could allow any guest to perform arbitrary remote code execution through a request to SolrSearch.

Severity: CRITICAL

CVSS Score: 9.8

Vendor: XWiki

Product: Platform