Threat Advisories - NVD Disclosed February 20, 2025

CVE-2025-24893

XWiki Platform Remote Code Execution Vulnerability.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A vulnerability in XWiki Platform allows unauthenticated users to execute arbitrary code, impacting data confidentiality, integrity, and availability. This risk is associated with the `SolrSearch` function and requires immediate attention.

NVD published: February 20, 2025 • CISA KEV