Update Your XWiki Installation to Patch Remote Code Execution Vulnerability

CVE: CVE-2024-21650
CVSS v3.1: 10
Source: CVE-2024-21650

XWiki is a popular open-source wiki platform that many websites and companies use to build collaborative applications and websites. Unfortunately, researchers discovered a serious vulnerability in XWiki that could allow remote attackers to execute code on servers running vulnerable versions.

The vulnerability is located in XWiki’s user registration feature. By crafting malicious input in the first or last name fields during registration, an attacker could execute arbitrary code on the server. This gives the attacker full control of the server and puts sites at risk.

To exploit this, a hacker would only need to trick an administrator or user into registering a fake account with a specially crafted name containing malicious code. When processed by XWiki, that code would then execute on the server silently in the background.

It is recommended that all XWiki users update their installations immediately to the patched versions 14.10.17, 15.5.3 or 15.8 RC1, which contain fixes for this vulnerability. Enabling registration only for logged-in users can also help reduce risk until upgrades are complete. Staying on top of software updates is critical for keeping sites secure against emerging threats like this remote code execution flaw.
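The two actions above, checking whether an installation is on a patched release and hardening the registration form while the upgrade is scheduled, are easy to get wrong when a fleet mixes 14.x and 15.x instances. The following Python is an added example, not code from the advisory or from the XWiki project. It assumes that the three versions quoted above (14.10.17, 15.5.3, 15.8 RC1) are the first safe release on the 14.x, 15.0-15.5 and 15.6+ branches respectively, and that the registration-name allowlist is a generic input-validation measure chosen here, not an XWiki setting; the host inventory is constructed sample data.

```python
"""Triage helpers for CVE-2024-21650 (added example, not from the advisory).

Assumptions: the fixed releases named in the advisory are the first safe
version on each branch (14.x -> 14.10.17, 15.0-15.5 -> 15.5.3,
15.6+ -> 15.8 RC1); the name allowlist is a generic hardening heuristic."""
import re
from typing import Tuple

# Fixed versions quoted in the advisory; branch mapping is our assumption.
FIXED_VERSIONS = ("14.10.17", "15.5.3", "15.8-rc-1")

# Matches "14.10.17", "15.7", "15.8-rc-1" (case-insensitive on "rc").
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(?:-rc-(\d+))?$", re.IGNORECASE)


def parse_version(text: str) -> Tuple[int, int, int, int, int]:
    """Turn an XWiki version string into a comparable tuple.

    Release candidates sort before the final release of the same number:
    15.8-rc-1 -> (15, 8, 0, 0, 1) and 15.8 -> (15, 8, 0, 1, 0).
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised XWiki version: {text!r}")
    major, minor, patch, rc = m.groups()
    patch_n = int(patch or 0)
    if rc is None:
        return (int(major), int(minor), patch_n, 1, 0)
    return (int(major), int(minor), patch_n, 0, int(rc))


def fixed_version_for(version: str) -> str:
    """Pick which of the advisory's fixed releases applies to this branch."""
    major, minor, *_ = parse_version(version)
    if major < 15:
        return "14.10.17"
    if major == 15 and minor <= 5:
        return "15.5.3"
    return "15.8-rc-1"


def is_vulnerable(version: str) -> bool:
    """True when the installed version predates the fix on its branch."""
    return parse_version(version) < parse_version(fixed_version_for(version))


# Allowlist for first/last names: runs of Unicode letters separated by a
# single space, apostrophe, period or hyphen.  Braces, '$', '#', angle
# brackets and similar template/script characters never match, so a
# crafted name is rejected before XWiki processes it.  This is an interim
# hardening step assumed here; upgrading remains the real fix.
_NAME_RE = re.compile(r"^[^\W\d_]+(?:[ '.\-][^\W\d_]+)*$")
MAX_NAME_LEN = 64  # arbitrary cap, assumed here


def is_acceptable_name(name: str) -> bool:
    """Allowlist check for a registration first or last name."""
    return 0 < len(name) <= MAX_NAME_LEN and _NAME_RE.fullmatch(name) is not None


if __name__ == "__main__":
    # Constructed sample inventory; host names and versions are made up.
    inventory = {
        "wiki-a": "14.10.16",
        "wiki-b": "15.5.3",
        "wiki-c": "15.7",
        "wiki-d": "15.8-rc-1",
    }
    for host, ver in inventory.items():
        if is_vulnerable(ver):
            print(f"{host}: {ver} VULNERABLE -> upgrade to {fixed_version_for(ver)}")
        else:
            print(f"{host}: {ver} patched")
    for candidate in ("O'Brien", "Jean-Luc", "Alice{x}"):
        print(f"name {candidate!r}: {'ok' if is_acceptable_name(candidate) else 'rejected'}")
```

Run it against an exported list of instance versions to see which hosts still need the upgrade and which fixed release each branch should move to; wire `is_acceptable_name` into whatever front-end validation sits in front of the registration form as a stopgap, keeping in mind that a strict allowlist will reject some legitimate names (for example initials written as "J. R.") and should be reviewed against your user base.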
