CVE-2025-24893 · CISA KEV: Actively Exploited

XWiki Platform Eval Injection Vulnerability

Published Oct 30, 2025 · Updated Oct 30, 2025

Description

XWiki Platform contains an eval injection vulnerability that could allow any guest to perform arbitrary remote code execution through a request to SolrSearch.

Public Exploits & PoCs (38 found)

PoC: CVE-2025-24893-XWiki-RCE

This vulnerability could allow a malicious user to execute remote code by sending appropriately crafted requests to the default search engine SolrSearch

PoC: xwiki-cve-2025-24893-poc

PoC for CVE-2025-24893

PoC: CVE-2025-24893

This Python script exploits CVE-2025-24893, a remote code execution (RCE) vulnerability in XWiki caused by improper sandboxing in Groovy macros rendered asynchronously. It allows arbitrary command execution through injection into RSS-based SolrSearch endpoints.

PoC: CVE-2025-24893-PoC

XWiki SolrSearchMacros remote code execution vulnerability PoC (CVE-2025-24893)

[POC] GHSA-3mgp-fx93-9xv5 — cve-2025-24893

POC for CVE-2025-24893

PoC: CVE-2025-24893

OSCP-like CVE-2025-24893 exploit for Linux XWiki

PoC: CVE-2025-24893

Remote Code Execution (RCE) exploit for XWiki

PoC: CVE-2025-24893-XWiki-SSTI-RCE

CVE-2025-24893 – XWiki SSTI unauthenticated RCE exploit (HackTheBox CTF)

PoC: CVE-2025-24893-

CVE-2025-24893 | Remote code execution vulnerability in the XWiki platform (proof of concept)

PoC: xwiki-cve-2025-24893-exploit

Unauthenticated RCE exploit for XWiki CVE-2025-24893 via Groovy script injection

PoC: CVE-2025-24893-PoC

Proof of Concept for CVE-2025-24893 demonstrating unauthenticated remote command execution in XWiki through unsafe server-side template evaluation.

PoC: CVE-2025-24893

CVE-2025-24893 is a critical remote code execution (RCE) vulnerability in XWiki. It allows an unauthenticated attacker to send a crafted request that is improperly evaluated as code, leading to arbitrary code execution on the server and possible full system compromise.

PoC: Blackash-CVE-2025-24893

CVE-2025-24893

PoC: CVE-2025-24893-PoC

XWiki Unauthenticated RCE Exploit for Reverse Shell

PoC: CVE-2025-24893

CVE-2025-24893 tool

PoC: CVE-2025-24893

CVE-2025-24893 exploit

PoC: CVE-2025-24893

Unauthenticated Remote Code Execution in XWiki via SolrSearch Macro

PoC: xwiki-15.10.8-reverse-shell-cve-2025-24893

CVE-2025-24893 RCE exploit for XWiki with reverse shell capability

PoC: xwiki_solrsearch-rce-exploit

Unauth RCE PoC for XWiki SolrSearch (CVE-2025-24893). Command exec + reverse shell. Built during process of pwning HTB “Editor”

PoC: CVE-2025-24893_HackTheBox-Editor-Writeup

A critical remote code execution (RCE) vulnerability (CVE-2025-24893) exists in the XWiki Platform, specifically in the SolrSearch RSS feed endpoint.

PoC: EXP-for-CVE-2025-24893

Some poorly crafted exploit scripts

PoC: CVE-2025-24893

PoC exploit for XWiki Remote Code Execution Vulnerability (CVE-2025-24893)

PoC: CVE-2025-24893-POC

A POC for CVE-2025-24893 written in Python

PoC: CVE-2025-24893

POC exploit for CVE-2025-24893

PoC: CVE-2025-24893

XWiki 15.10.11, 16.4.1 and 16.5.0RC1 Unauthenticated Remote code execution POC

PoC: CVE-2025-24893

POC

PoC: CVE-2025-24893

Bash POC script for RCE vulnerability in XWiki Platform

PoC: CVE-2025-24893-XWiki-Platform-Remote-Code-Execution

This vulnerability could allow a malicious user to execute remote code by sending appropriately crafted requests to the default search engine SolrSearch

PoC: CVE-2025-24893-XWiki-unauthenticated-RCE-via-SolrSearch

CVE-2025-24893 is a critical unauthenticated remote code execution (RCE) vulnerability in XWiki, a popular open-source enterprise wiki platform.

PoC: cve-2025-24893-poc

Proof-of-Concept exploit for CVE-2025-24893, an unauthenticated Remote Code Execution (RCE) vulnerability in XWiki. Exploits a template injection flaw in the SolrSearch endpoint via Groovy script execution.

PoC: CVE-2025-24893

PoC | XWiki Platform 15.10.10 - Remote Code Execution

PoC: CVE-2025-24893-XWiki-Unauthenticated-RCE-Exploit-POC

CVE-2025-24893 is a critical unauthenticated remote code execution vulnerability in XWiki (versions < 15.10.11, 16.4.1, 16.5.0RC1) caused by improper handling of Groovy expressions in the SolrSearch macro.

PoC: CVE-2025-24893

PoC for CVE-2025-24893: XWiki Remote Code Execution exploit for versions prior to 15.10.11, 16.4.1 and 16.5.0RC1.

PoC: CVE-2025-24893-RCE-PoC

This is a small script for the RCE vulnerability for CVE-2025-24893. It supports basic input/output.

PoC: CVE-2025-24893-Reverse-Shell

Reverse Shell Payload for CVE-2025-24893

PoC: cve-2025-24893

Modified exploit for CVE-2025-24893

PoC: CVE-2025-24893-RCE-PoC

This is a small script for the RCE vulnerability for CVE-2025-24893. It supports basic input/output.

PoC: CVE-2025-24893

XWiki Remote Code Execution (CVE-2025-24893) PoC
