PT-2025-39587 · Unknown · Yonifre Lenix Scss Compiler

Nabil Irawan

Published

2025-09-26

Updated

2025-09-26

CVE-2025-60144

CVSS v3.1

5.9

Vector

AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L

**Name of the Vulnerable Software and Affected Versions**

yonifre Lenix scss compiler versions through 1.2

**Description**

A flaw exists in the yonifre Lenix scss compiler that allows for Stored Cross-site Scripting (XSS). This issue is due to improper neutralization of input during web page generation. The vulnerability could allow an attacker to inject malicious scripts into web pages viewed by other users.

**Recommendations**

Update yonifre Lenix scss compiler to a version later than 1.2.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2025-60144

Affected Products

Yonifre Lenix Scss Compiler

PT-2025-39587 · Unknown · Yonifre Lenix Scss Compiler

Weakness Enumeration

Related Identifiers

Affected Products

References · 3