A critical remote code execution (RCE) vulnerability (CVE-2025-24893) in XWiki, a widely-used open-source wiki platform, is being actively exploited in the wild. This exploitation leads to the deployment of cryptocurrency mining malware on compromised servers. The vulnerability allows unauthenticated attackers to inject malicious templates and execute arbitrary code, completely bypassing authentication mechanisms. Vulnerability Details The […]
The post Critical XWiki Vulnerability Abused in the Wild for Cryptocurrency Mining appeared first on SecPod Blog.