THE IONIX BLOG

Amit Sheps
March 02nd, 2025

Exploited: XWiki Remote Code Execution Vulnerability (CVE-2025-24893)

Overview A newly discovered critical vulnerability in the XWiki Platform, tracked as CVE-2025-24893, allows unauthenticated remote code execution (RCE) through the SolrSearch macro. This vulnerability was assigned a CVSS score of 9.8 as rated by GitHub, Inc.) , can be exploited by attackers to execute arbitrary Groovy code on affected servers, potentially leading to data…
Read more

EDITORS PICKS

Amit Sheps
November 19th, 2024

IONIX Launches Cloud Exposure Validator: Bringing CTEM to Cloud Security

Fara Hain
June 04th, 2024

Cloud Cross-View for Complete Attack Surface Visibility

Amit Sheps
March 06th, 2024

Security Validation Explained: A Trusted Path to Risk Reduction

Amit Sheps
January 04th, 2024

How to Implement Multi-Factor Asset Attribution in Attack Surface Discovery

Nethanel Gelernter
June 26th, 2024

CVE-2024-38526 – Polyfill Supply Chain Attack for Malicious Code Execution

THE LATEST FROM IONIX >>

LATEST

  • Fara Hain
    March 3rd, 2025

    Can Autonomous LLM Agents Exploit One Day Vulnerabilities?

  • Amit Sheps
    March 2nd, 2025

    Exploited: XWiki Remote Code Execution Vulnerability (CVE-2025-24893)

  • Amit Sheps
    February 13th, 2025

    Exploited! PAN‑OS Authentication Bypass Vulnerability (CVE‑2025‑0108)

  • Fara Hain
    February 5th, 2025

    What Is CTEM? Understanding Gartner’s CTEM Framework

  • Amit Sheps
    December 19th, 2024

    CTEM: Closing the Cloud Security Gap

  • Gilad Friedman
    December 19th, 2024

    Three Pillars for MSSP Success in EASM

  • Amit Sheps
    December 19th, 2024

    Continuous Risk Assessment: The Connecting Thread in CTEM

  • Fara Hain
    December 18th, 2024

    Exploited! Kerio Control’s HTTP Response Splitting Vulnerability (CVE-2024-52875)

  • Nethanel Gelernter
    December 5th, 2024

    Exploited! NuPoint Unified Messaging (NPM) Component of Mitel MiCollab

  • Marc Gaffan
    December 1st, 2024

    CTEM: The Strategic Imperative for Modern Security Operations

  • Nethanel Gelernter
    November 20th, 2024

    Exploitable! CVE-2024-0012 Authentication Bypass for PAN-OS

  • Nethanel Gelernter
    November 19th, 2024

    CVE-2024-10924 Explained: Security plugin flaw in millions of WordPress sites