CRITICAL🇵🇱 Wersja polska

CVE-2024-31465

CVSS 9.9v3.1pub. 2024-04-10upd. 2025-01-09

XWiki Platform is a generic wiki platform. Starting in version 5.0-rc-1 and prior to versions 14.10.20, 15.5.4, and 15.9-rc-1, any user with edit right on any page can execute any code on the server by adding an object of type `XWiki.SearchSuggestSourceClass` to their user profile or any other page. This compromises the confidentiality, integrity and availability of the whole XWiki installation. This vulnerability has been patched in XWiki 14.10.20, 15.5.4 and 15.10 RC1. As a workaround, manually apply the patch to the document `XWiki.SearchSuggestSourceSheet`.

🤖 AI Analysis
How it works

An attacker with edit rights to any page can add an object of type `XWiki.SearchSuggestSourceClass` to their user profile or another page. When this object is processed, the platform evaluates its content as server-side code (CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code, CWE-94: Code Injection) without proper permission verification. As a result, any low-privileged user can inject and execute a payload on the server.

Impact

An attacker gains the ability to execute arbitrary code on the server (RCE), leading to complete takeover of the XWiki installation — compromising confidentiality, integrity, and availability of all platform data and functions.

Mitigation & patch

XWiki Platform should be updated to version 14.10.20, 15.5.4, or 15.10 RC1. If an update is not possible, as a workaround, manually apply a patch to the `XWiki.SearchSuggestSourceSheet` document according to the vendor's reference instructions.

Who is affected

XWiki Platform in versions from 5.0-rc-1 to (excluding) 14.10.20, 15.5.4, and 15.9-rc-1

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
  • Xwiki

    APP
    Xwiki
    5.25.3 – 14.10.20 (bez)15.0 – 15.5.4 (bez)15.6 – 15.10 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-24893CRITICAL9.8⚠ KEVPL ✓ten sam produkt

XWiki Platform — niezautoryzowany RCE przez endpoint SolrSearch

CVE-2025-55748CRITICAL9.3PL ✓ten sam produkt

XWiki Platform — path traversal umożliwia odczyt plików konfiguracyjnych

CVE-2025-55747CRITICAL9.3PL ✓ten sam produkt

XWiki Platform: ujawnienie plików konfiguracyjnych przez webjars API (path traversal)

CVE-2025-32429CRITICAL9.3PL ✓ten sam produkt

SQL Injection w XWiki Platform via parametr sort w getdeleteddocuments.vm

CVE-2025-53836CRITICAL9.9PL ✓ten sam produkt

XWiki Rendering: bypass trybu restricted przez zagnieżdżone makra