Unrated severityNVD Advisory· Published Dec 22, 2025· Updated Dec 22, 2025

CVE-2025-67443

Description

Schlix CMS before v2.2.9-5 is vulnerable to Cross Site Scripting (XSS). Due to lack of javascript sanitization in the login form, incorrect login attempts in logs are triggered as XSS in the admin panel.

Affected products

Schlix CMS/Schlix CMSdescription
Statamic/CMSllm-fuzzy
Range: <2.2.9-5

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

gist.github.com/akinerkisa/b22f4517a4011d049c5fc7fd3b29c9f2mitre
www.schlix.com/news/release/december-2025-errata-5-bug-fix-release.htmlmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000