3 matches found
CVE-2024-31984
XWiki Platform is a generic wiki platform. Starting in version 7.2-rc-1 and prior to versions 4.10.20, 15.5.4, and 15.10-rc-1, by creating a document with a specially crafted title, it is possible to trigger remote code execution in the Solr-based search in XWiki. This allows any user who can edi...
CVE-2024-31984
XWiki Platform contains a remote code execution (RCE) vulnerability in the Solr-based search when a document title is crafted in a specific way. Affected versions include 7.2-rc-1 through prior to 4.10.20, 15.5.4, and 15.10-rc-1. Successful exploitation allows an attacker who can edit a space tit...
CVE-2024-31984 XWiki Platform: Remote code execution through space title and Solr space facet
XWiki Platform is a generic wiki platform. Starting in version 7.2-rc-1 and prior to versions 4.10.20, 15.5.4, and 15.10-rc-1, by creating a document with a specially crafted title, it is possible to trigger remote code execution in the Solr-based search in XWiki. This allows any user who can edi...