CVE-2025-61635

Unknown Unknown - Not Provided

Cross-Site Scripting in Wikimedia ConfirmEdit FancyCaptcha Module

Publication date: 2026-02-03

Last updated on: 2026-02-03

Assigner: wikimedia-foundation

Description

Vulnerability in Wikimedia Foundation ConfirmEdit. This vulnerability is associated with program files includes/FancyCaptcha/ApiFancyCaptchaReload.Php. This issue affects ConfirmEdit: *.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published

2026-02-03

Last Modified

2026-02-03

Generated

2026-06-16

AI Q&A

2026-02-03

EPSS Evaluated

2026-06-15

NVD

CVE-2025-61635

Affected Vendors & Products

Vendor	Product	Version / Range
wikimedia	confirmedit	*

Helpful Resources

Exploitability

CWE

KEV

CWE ID	Description
CWE-UNKNOWN

Attack-Flow Graph

Compliance Impact

There is no information provided about how this vulnerability affects compliance with standards or regulations such as GDPR or HIPAA.

Executive Summary

This vulnerability is in the Wikimedia Foundation's ConfirmEdit extension, specifically in the program file includes/FancyCaptcha/ApiFancyCaptchaReload.Php. However, no detailed explanation of the nature or mechanics of the vulnerability is provided.

Impact Analysis

The impact of this vulnerability is not detailed in the provided information, and the CVSS base score is 0.0, indicating no known impact or exploitability at this time.

Detection Guidance

I don't know

Mitigation Strategies

I don't know

Hi! I’m here to help you understand CVE-2025-61635. Ask me anything about the vulnerability, its impact, or mitigation strategies.

0/70

CVE-2025-61635

Cross-Site Scripting in Wikimedia ConfirmEdit FancyCaptcha Module

Description

CVSS Scores

EPSS Scores

Meta Information

Affected Vendors & Products

Helpful Resources

Exploitability

Attack-Flow Graph

AI Quick Actions

Chat Assistant

EPSS Chart