CVE-2025-62701 is a stored Cross-site Scripting (XSS) vulnerability classified under CWE-79, found in the Wikimedia Foundation's Mediawiki - Wikistories component prior to version 1.44. The vulnerability stems from improper neutralization of user-supplied input during the generation of web pages, allowing malicious scripts to be stored and later executed in the browsers of users who view the affected pages. This type of vulnerability is particularly dangerous because it does not require authentication or user interaction, increasing the attack surface. The CVSS 4.0 vector indicates network attack vector (AV:N), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), and low to limited impacts on confidentiality, integrity, and availability (VC:L, VI:L, VA:L). The flaw affects the master branch before version 1.44, meaning that any deployment of Mediawiki Wikistories using these versions is vulnerable. Although no known exploits have been reported in the wild, the vulnerability could be leveraged to perform session hijacking, defacement, phishing, or distribution of malware by injecting malicious JavaScript into wiki pages. Mediawiki is widely used for collaborative content management, including in public and private organizations across Europe, making this vulnerability relevant for a broad user base. The lack of a patch link suggests that a fix may be forthcoming or in development. The vulnerability's presence in a popular open-source platform underscores the importance of timely updates and secure coding practices to prevent exploitation.

For European organizations, this vulnerability poses a moderate risk primarily to those using Mediawiki with the Wikistories feature, especially in public-facing environments where untrusted users can contribute content. Exploitation could lead to unauthorized access to user sessions, theft of sensitive information, or manipulation of displayed content, undermining trust and potentially causing reputational damage. The impact on confidentiality and integrity is notable due to the ability to execute arbitrary scripts in users' browsers. Availability impact is limited but possible if attackers use the vulnerability to disrupt service or redirect users. Given the collaborative nature of Mediawiki deployments in government, education, and enterprises across Europe, exploitation could affect a wide range of sectors. The vulnerability's ease of exploitation (no authentication or user interaction required) increases the likelihood of attacks if unpatched. However, the absence of known exploits in the wild suggests that immediate risk is moderate but should not be underestimated.

1. Upgrade Mediawiki - Wikistories to version 1.44 or later as soon as the patch is released to address the vulnerability. 2. Implement strict input validation and output encoding on all user-supplied content to prevent injection of malicious scripts. 3. Deploy Content Security Policy (CSP) headers to restrict the execution of unauthorized scripts and reduce the impact of potential XSS attacks. 4. Regularly audit and sanitize existing wiki content to identify and remove any malicious or suspicious scripts. 5. Monitor web server logs and user activity for unusual patterns indicative of exploitation attempts. 6. Educate administrators and users about the risks of XSS and safe content contribution practices. 7. Consider disabling or restricting the Wikistories feature if immediate patching is not feasible, especially in high-risk environments. 8. Employ web application firewalls (WAFs) with rules tuned to detect and block XSS payloads targeting Mediawiki.