CVE-2025-24893: XWiki Platform Eval Injection Vulnerability. XWiki Platform

XWiki Platform Eval Injection Vulnerability. XWiki Platform contains an eval injection vulnerability that could allow any guest to perform arbitrary remote code execution through a request to SolrSearch.

• CISA KEV-listed (remediation due 2025-11-20)
• EPSS 93.7% (99.9% percentile)

Browse the CVE database

Read the full analysis on IntelFusions