CVE-2025-67443

Medium CVSS: 6.1

Schlix CMS before v2.2.9-5 is vulnerable to Cross Site Scripting (XSS). Due to lack of javascript sanitization in the login form, incorrect login attempts in logs are triggered as XSS in the admin panel.

Vendor

Schlix

Product

Cms

CWE

CWE-79

Yayın Tarihi

2025-12-22 17:15:59

Güncelleme

2026-01-02 16:56:19

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-79 Cms MEDIUM Schlix 2025

Referanslar

https://gist.github.com/akinerkisa/b22f4517a4011d049c5fc7fd3b29c9f2 https://www.schlix.com/news/release/december-2025-errata-5-bug-fix-release.html#:~:text=Fixed%20XSS%20vulnerability%20bug%20when%20clicking%20New%20User%20%28thank%20you%20to%20Ak%C4%B1ner%20K%C4%B1sa%20who%20reported%20this%20security%20bug%20and%20provided%20reasonable%20time%20to%20fix%29

Benzer Kayıtlar

Critical

CVE-2021-47753

phpKF CMS 3.00 Beta y6 contains an unauthenticated file upload vulnerability that allows remote attackers to execute arb…

Medium

CVE-2025-6736

A vulnerability classified as critical was found in juzaweb CMS 3.4.2. Affected by this vulnerability is an unknown func…

Medium

CVE-2025-6735

A vulnerability classified as critical has been found in juzaweb CMS 3.4.2. Affected is an unknown function of the file…

Medium

CVE-2025-5429

A vulnerability classified as critical was found in juzaweb CMS up to 3.4.2. This vulnerability affects unknown code of…

Medium

CVE-2025-5427

A vulnerability was found in juzaweb CMS up to 3.4.2. It has been rated as critical. Affected by this issue is some unkn…

Medium

CVE-2025-5428

A vulnerability classified as critical has been found in juzaweb CMS up to 3.4.2. This affects an unknown part of the fi…