Schlix: >> Cms >> 2.2.8-1 Security Vulnerabilities
Schlix CMS before v2.2.9-5 is vulnerable to Cross Site Scripting (XSS). Due to lack of javascript sanitization in the login form, incorrect login attempts in logs are triggered as XSS in the admin panel.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-12-22
An arbitrary file upload vulnerability in Schlix CMS v2.2.8-1, allows remote authenticated attackers to execute arbitrary code and obtain sensitive information via a crafted .phtml file.
CVSS Score
7.2
EPSS Score
0.01
Published
2024-01-31