module
Remote Code Execution Vulnerability in XWiki Platform (CVE-2025-24893)
| Disclosed | Created |
|---|---|
| Feb 20, 2025 | Sep 1, 2025 |
Disclosed
Feb 20, 2025
Created
Sep 1, 2025
Description
This module exploits a template injection vulnerability in the the XWiki Platform.
XWiki includes a macro called SolrSearch (defined in Main.SolrSearchMacros) that enables full-text search through the embedded Solr engine.
The vulnerability stems from the way this macro evaluates search parameters in Groovy, failing to sanitize or restrict malicious input.
This vulnerability affects XWiki Platform versions >= 5.3-milestone-2 and = 16.0.0-rc-1 and
Successful exploitation may result in the remote code execution under the privileges
of the web server, potentially exposing sensitive data or disrupting survey operations.
An attacker can execute arbitrary system commands in the context of the user running the web server.
XWiki includes a macro called SolrSearch (defined in Main.SolrSearchMacros) that enables full-text search through the embedded Solr engine.
The vulnerability stems from the way this macro evaluates search parameters in Groovy, failing to sanitize or restrict malicious input.
This vulnerability affects XWiki Platform versions >= 5.3-milestone-2 and = 16.0.0-rc-1 and
Successful exploitation may result in the remote code execution under the privileges
of the web server, potentially exposing sensitive data or disrupting survey operations.
An attacker can execute arbitrary system commands in the context of the user running the web server.
Authors
Maksim Rogov
John Kwak
John Kwak
Platform
Linux,Unix,Windows
Architectures
cmd
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.