A vulnerability was found in xwiki-platform up to 13.5/14.10.20/15.5.4/15.10.5/16.0.0 and classified as critical. This issue affects some unknown processing of the component User Profile Handler. The manipulation leads to code injection.
The identification of this vulnerability is CVE-2024-37899. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.