XWiki
cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*
- >= 5.3-milestone-2, < 15.10.11
- >= 16.0.0-rc-1, < 16.4.1
This vulnerability is being actively exploited in the wild.
A remote code execution vulnerability has been identified in XWiki Platform versions 5.3-milestone-2 prior to 15.10.11, and 16.0.0-rc-1 prior to 16.4.1. The issue arises in the SolrSearch feature, where the 'text' parameter is not properly sanitized before being processed. This allows unauthenticated users to execute arbitrary code on the server. The vulnerability can be exploited by sending a crafted request to the SolrSearch endpoint, which then executes the injected code. This issue affects the confidentiality, integrity, and availability of the entire XWiki installation.
Exploitation of this vulnerability allows for arbitrary remote code execution on the server where XWiki is hosted.
To reproduce this vulnerability, send a request to the '/xwiki/bin/get/Main/SolrSearch' endpoint with the 'media' parameter set to 'rss' and the 'text' parameter containing the code to be executed. If the response includes the executed output, the vulnerability is present.
Users can upgrade to XWiki versions 15.10.11, 16.4.1, or 16.5.0-rc-1 to address this vulnerability. For those unable to upgrade, a temporary workaround involves editing the 'Main.SolrSearchMacros' file to change the 'text' parameter handling.
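As an added check that is not part of this advisory: a small Python helper that tests an installed XWiki version string against the two affected ranges listed above, so an inventory of instances can be triaged for the upgrade. It assumes version strings in the forms the advisory uses (`15.10`, `15.10.11`, `16.0.0-rc-1`, `5.3-milestone-2`) and assumes Maven-style qualifier ordering, milestone before rc before the final release.

```python
"""Check whether an XWiki version falls inside the affected ranges of this advisory."""
import re
from typing import Tuple

# Assumed qualifier ordering (Maven style): milestone < rc < final release.
_QUALIFIER_RANK = {"milestone": 0, "rc": 1}
_FINAL_RANK = 2

# Affected ranges from the advisory: lower bound inclusive, upper bound exclusive.
AFFECTED_RANGES = [
    ("5.3-milestone-2", "15.10.11"),
    ("16.0.0-rc-1", "16.4.1"),
]

VersionKey = Tuple[int, int, int, int, int]


def parse_version(version: str) -> VersionKey:
    """Turn '16.0.0-rc-1', '15.10' or '5.3-milestone-2' into a sortable tuple.

    Missing numeric components are padded with 0, so '15.10' sorts as '15.10.0'.
    A final release ranks above any milestone or rc build of the same number.
    """
    match = re.fullmatch(r"(\d+(?:\.\d+){0,2})(?:-(milestone|rc)-(\d+))?", version.strip())
    if not match:
        raise ValueError(f"unrecognised XWiki version string: {version!r}")
    numbers = [int(part) for part in match.group(1).split(".")]
    numbers += [0] * (3 - len(numbers))
    if match.group(2) is None:
        qualifier = (_FINAL_RANK, 0)
    else:
        qualifier = (_QUALIFIER_RANK[match.group(2)], int(match.group(3)))
    return (numbers[0], numbers[1], numbers[2], qualifier[0], qualifier[1])


def is_affected(version: str) -> bool:
    """True if the version lies in one of the advisory's affected ranges."""
    key = parse_version(version)
    return any(parse_version(low) <= key < parse_version(high) for low, high in AFFECTED_RANGES)


if __name__ == "__main__":
    # Constructed sample inventory: the fixed versions named in the advisory plus neighbours.
    for candidate in ["15.10.10", "15.10.11", "16.0.0-rc-1", "16.4.1", "16.5.0-rc-1", "5.3-milestone-1"]:
        print(f"{candidate:>16}: {'AFFECTED' if is_affected(candidate) else 'not affected'}")
```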