The Indian Computer Emergency Response Team (CERT-In) has issued a critical security alert regarding vulnerabilities identified in certain applications that pose significant risks to our Institutional security. Based on this alert and our internal risk assessment, we have identified the following applications as vulnerable:

These vulnerabilities could potentially allow attackers to execute remote code, inject malicious objects, or compromise the confidentiality, integrity, and availability of our systems.

1. Cease Usage: Discontinue the use of the following services/applications until these applications are upgraded with the latest patches/versions:
• GiveWP [Vulnerable WordPress Donation Plugin]
• SolrSearch Application on XWiki Platform [Vulnerable SolrSearch Application on XWiki Platform]

2. Identify Exposure: Check your IT systems and infrastructure to determine if these applications are in use.

Upgrade GiveWP and XWiki Platform (including SolrSearch) with the latest patches/versions. These upgrades are critical to eliminate the identified vulnerabilities and protect our systems from potential exploitation. If immediate upgrading is not feasible, discontinue the use of GiveWP and SolrSearch on XWiki Platform until the patches are applied.