Home

Description

Schlix CMS before v2.2.9-5 is vulnerable to Cross Site Scripting (XSS). Due to lack of javascript sanitization in the login form, incorrect login attempts in logs are triggered as XSS in the admin panel.

PUBLISHED Reserved 2025-12-08 | Published 2025-12-22 | Updated 2025-12-22 | Assigner mitre

References

www.schlix.com/...ecember-2025-errata-5-bug-fix-release.html

gist.github.com/akinerkisa/b22f4517a4011d049c5fc7fd3b29c9f2

cve.org (CVE-2025-67443)

nvd.nist.gov (CVE-2025-67443)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.