VYPR

Maven package

org.xwiki.platform/xwiki-platform-search-solr-ui

pkg:maven/org.xwiki.platform/xwiki-platform-search-solr-ui

Vulnerabilities (2)

  • CVE-2025-24893KEVFeb 20, 2025
    affected >= 5.3-milestone-2, < 15.10.11fixed 15.10.11

    XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any guest can perform arbitrary remote code execution through a request to `SolrSearch`. This impacts the confidentiality, integrity and availability of the whole XWiki instal

  • CVE-2024-31984Apr 10, 2024
    affected >= 7.2-rc-1, < 14.10.20fixed 14.10.20

    XWiki Platform is a generic wiki platform. Starting in version 7.2-rc-1 and prior to versions 4.10.20, 15.5.4, and 15.10-rc-1, by creating a document with a specially crafted title, it is possible to trigger remote code execution in the (Solr-based) search in XWiki. This allows a