Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2025-65095
PUBLISHED
More InfoOfficial Page
Assigner-GitHub_M
Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa
View Known Exploited Vulnerability (KEV) details
Published At-19 Nov, 2025 | 17:38
Updated At-20 Nov, 2025 | 14:21
Rejected At-
▼CVE Numbering Authority (CNA)
Lookyloo is vulnerable due to improper user input sanitization

Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other. Prior to version 1.35.1, there is potential cross-site scripting on index and tree page. This issue has been patched in version 1.35.1.

Affected Products
Vendor
Lookyloo
Product
lookyloo
Versions
Affected
  • < 1.35.1
Problem Types
TypeCWE IDDescription
CWECWE-79CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Type: CWE
CWE ID: CWE-79
Description: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Metrics
VersionBase scoreBase severityVector
4.09.4CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
Version: 4.0
Base score: 9.4
Base severity: CRITICAL
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/Lookyloo/lookyloo/security/advisories/GHSA-m9g6-23c8-vrxf
x_refsource_CONFIRM
https://github.com/Lookyloo/lookyloo/commit/ac2f73dbfcad88b815b18c42cca77a1c645f1726
x_refsource_MISC
https://github.com/Lookyloo/lookyloo/blob/main/website/web/default_csp.py
x_refsource_MISC
https://vulnerability.circl.lu/vuln/gcve-1-2025-0018
x_refsource_MISC
Hyperlink: https://github.com/Lookyloo/lookyloo/security/advisories/GHSA-m9g6-23c8-vrxf
Resource:
x_refsource_CONFIRM
Hyperlink: https://github.com/Lookyloo/lookyloo/commit/ac2f73dbfcad88b815b18c42cca77a1c645f1726
Resource:
x_refsource_MISC
Hyperlink: https://github.com/Lookyloo/lookyloo/blob/main/website/web/default_csp.py
Resource:
x_refsource_MISC
Hyperlink: https://vulnerability.circl.lu/vuln/gcve-1-2025-0018
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Details not found