Vulnerability Description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation Mediawiki - UploadWizard Extension allows Stored XSS.This issue affects Mediawiki - UploadWizard Extension: from master before 1.39.
Related Weaknesses (CWE)
References
- https://gerrit.wikimedia.org/r/q/I37ea7c8825e9de776e207b3919b451ba2b905369
- https://phabricator.wikimedia.org/T402095
- https://phabricator.wikimedia.org/T402095
FAQ
What is CVE-2025-62663?
CVE-2025-62663 is a documented vulnerability. Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation Mediawiki - UploadWizard Extension allows Stored XSS.This issue af...
How severe is CVE-2025-62663?
CVSS scoring is not yet available for CVE-2025-62663. Check NVD for updates.
Is there a patch for CVE-2025-62663?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.