PT-2025-48753 · Lookyloo · Lookyloo

Published 2025-12-02 · Updated 2025-12-05 · CVE-2025-66460

CVSS v3.1: 6.1 Medium

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions

Lookyloo versions prior to 1.35.3

Description

Lookyloo is a web interface used to capture and display a tree of domains that interact with each other. Versions of Lookyloo prior to 1.35.3 improperly escape values passed to cells rendered in datatables using the orthogonal-data feature, leading to a potential security issue. This issue is exploitable in the popup view and potentially in other areas of the application. The vulnerability involves passing values to datatables without proper sanitization, which could allow for malicious code execution.

Recommendations

Update Lookyloo to version 1.35.3 or later.

Exploit

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2025-66460
GHSA-R93R-7JFR-99C3

Affected Products

Lookyloo