Possible Remote Code Execution Vulnerability in gridx php file. #2

@MayViolin

Hi,

We found a remote code execution vulnerability in gridx that could allow an attacker to remotely execute arbitrary code to attack an attack server.

https://tapallinone:9443/ApplicationServer/libs/dojo_1.10/gridx/tests/support/stores/test_grid_filter.php?query=XXX();

Although I cannot get any feedback by adding the query parameter, I am wondering whether it will actually execute the query on the server side. If the query is executed, it would be a vulnerability for our products.

Please confirm what this file is used for and whether it can be deployed to a production environment.
