VYPR

Lookyloo

by Lookyloo

Source repositories

CVEs (4)

  • CVE-2025-65095CriNov 19, 2025
    risk 0.54cvss epss 0.00

    Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other. Prior to version 1.35.1, there is potential cross-site scripting on index and tree page. This issue has been patched in version 1.35.1.

  • CVE-2025-66460Dec 2, 2025
    risk 0.00cvss epss 0.00

    Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other. Prior to 1.35.3, Lookyloo passed improperly escaped values to cells rendered in datatables using the orthogonal-data feature. It is definitely…

  • CVE-2025-66459Dec 2, 2025
    risk 0.00cvss epss 0.00

    Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other. Prior to 1.35.3, a XSS vulnerability can be triggered when a user submits a list of URLs to capture, one of them contains a HTML element, and the…

  • CVE-2025-66458Dec 2, 2025
    risk 0.00cvss epss 0.00

    Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other. Prior to 1.35.3, there are multiple XSS due to unsafe use of f-strings in Markup. The issue requires a malicious 3rd party server responding with a…