Overview
CVE-2025-65095 identifies a potential cross-site scripting (XSS) vulnerability in Lookyloo, a web interface designed for capturing website pages and displaying a tree of interconnected domains. This flaw existed in versions prior to 1.35.1. Fortunately, the Lookyloo team has addressed this issue in version 1.35.1, mitigating the risk for users who upgrade.
Technical Details
The XSS vulnerability resided in the index and tree pages of the Lookyloo web interface. An attacker who could get a crafted value rendered on those pages could have it execute as script in the browsers of other users viewing them. The public description does not detail the injection point or payload, but the fix in version 1.35.1 suggests that input sanitization or output encoding was added to prevent the script from executing.
The commit ac2f73dbfcad88b815b18c42cca77a1c645f1726 on GitHub likely contains the fix for this vulnerability.
CVSS Analysis
The CVSS score for CVE-2025-65095 is currently listed as N/A, meaning no formal score has been assigned. This may reflect the complexity of exploiting the vulnerability or the lack of detailed information on the attack vector. The absence of a score does not lessen the risk: XSS vulnerabilities should still be taken seriously, as they often present serious risk even without a high CVSS score.
Possible Impact
Even without a CVSS score, XSS vulnerabilities can have serious consequences. A successful XSS attack could allow an attacker to:
- Steal user cookies and session tokens, gaining unauthorized access to user accounts.
- Deface the Lookyloo interface, injecting malicious content.
- Redirect users to phishing sites.
- Execute arbitrary code in the user’s browser, potentially compromising their system.
Mitigation or Patch Steps
The primary mitigation step is to upgrade to Lookyloo version 1.35.1 or later. This version contains the necessary patch to address the XSS vulnerability. If upgrading is not immediately possible, consider implementing temporary workarounds such as:
- Restricting access to the Lookyloo interface to trusted users only.
- Implementing a Web Application Firewall (WAF) with rules to detect and block potential XSS attacks.
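To make the "output encoding" fix described under Technical Details and the defence-in-depth mitigations above concrete, here is an added example in Python (Lookyloo is a Python/Flask project, but this is constructed illustration code, not Lookyloo's code and not its actual fix). It renders a row of a capture tree from data the captured site controls, first with naive string interpolation and then with context-aware encoding, and builds a nonce-based Content-Security-Policy header as a second layer. The capture record, its field names, the placeholder uuid, and the policy directives are all assumptions; the real policy lives in Lookyloo's default_csp.py and is not reproduced here.

```python
"""Added example: output encoding and a CSP header for a Flask/Jinja-style
page that renders attacker-influenced capture data (page titles, hostnames).
Constructed to illustrate the class of bug described in the advisory; it is
not Lookyloo's code, and the field names are assumptions."""
from html import escape
from urllib.parse import quote

# Constructed sample capture record. A site that a Lookyloo-style tool
# captures controls its own <title>, so this value is attacker-influenced.
SAMPLE_CAPTURE = {
    "uuid": "00000000-0000-4000-8000-000000000000",  # placeholder, not a real capture id
    "title": "<script>alert(document.cookie)</script>",
    "hostname": 'example.test" onmouseover="alert(1)',
}


def render_tree_row_vulnerable(capture: dict) -> str:
    """Naive string interpolation: the title lands in the HTML body and the
    hostname in an attribute without encoding, so both are script injection
    points (the 'before' state of an XSS fix)."""
    return (f'<tr><td><a href="/tree/{capture["uuid"]}" '
            f'data-host="{capture["hostname"]}">{capture["title"]}</a></td></tr>')


def render_tree_row_fixed(capture: dict) -> str:
    """Context-aware output encoding: escape() with quote=True covers both
    the text node and the double-quoted attribute; quote() covers the URL
    path segment. Jinja2 autoescaping does the same job for templates."""
    return (f'<tr><td><a href="/tree/{quote(capture["uuid"], safe="")}" '
            f'data-host="{escape(capture["hostname"], quote=True)}">'
            f'{escape(capture["title"], quote=True)}</a></td></tr>')


def csp_header(nonce: str) -> str:
    """Defence-in-depth header: a nonce-based script policy stops an injected
    inline <script> from running even if an encoding bug slips through.
    Generic directives, assumed for illustration; not Lookyloo's default_csp.py."""
    return "; ".join([
        "default-src 'self'",
        f"script-src 'self' 'nonce-{nonce}'",
        "object-src 'none'",
        "base-uri 'self'",
    ])


def contains_raw_markup(rendered: str, untrusted: str) -> bool:
    """Review check: does the untrusted value survive verbatim in the output?
    True means it was not encoded for its context."""
    return untrusted in rendered


if __name__ == "__main__":
    print(render_tree_row_vulnerable(SAMPLE_CAPTURE))
    print(render_tree_row_fixed(SAMPLE_CAPTURE))
    print(csp_header("constructed-nonce"))
```

The `contains_raw_markup` check is the kind of assertion worth adding to a project's own tests after a fix like this one: feed a known markup-bearing value through each rendering path and fail the build if it appears unencoded. The CSP header is only a backstop; the encoding fix is what removes the vulnerability.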
References
Lookyloo default_csp.py on GitHub
Lookyloo Commit ac2f73dbfcad88b815b18c42cca77a1c645f1726 on GitHub
Lookyloo Security Advisory GHSA-m9g6-23c8-vrxf on GitHub
CIRCL Vulnerability Database: gcve-1-2025-0018
