Reformat the repo to store all my PoCs and add CVE-2025-24893
@@ -0,0 +1,11 @@
|
||||
# CVE-2025-24893 - XWiki RCE
|
||||
|
||||
This vuln stems from improper user input sanitization when passing SolrSearch queries. Arbitrary groovy code can be executed due to a direct evaluate() call.
|
||||
|
||||
The vulnerable endpoint here is:
|
||||
`/xwiki/bin/get/Main/SolrSearch?media=rss&text=`
|
||||
|
||||
# License
|
||||
GPL v3.0 - as all good software should be
|
||||
|
||||
Remember - don't be a skid :)
|
||||
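Review bot: The description paragraph and the endpoint line give no affected or fixed XWiki version range and no link to the upstream advisory, so a reader cannot tell from this README whether a given instance is exposed or which release to upgrade to. Suggest adding short "Affected versions", "Fixed in" and "References" entries under the title, and stating whether the `/xwiki/bin/get/Main/SolrSearch?media=rss&text=` endpoint is reachable without authentication, since that determines how urgently it should be patched or blocked. Style points: `# License` is a second top-level heading and would read better as `## License` under the `# CVE-2025-24893 - XWiki RCE` title, and the "GPL v3.0" line should point to the license text so the terms are unambiguous.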