CVE-2025-12739

CVE-2025-12739 involves a Cross-Site Scripting (XSS) vulnerability in Looker’s Extension Loader. An attacker with viewer permissions can craft a malicious URL that, when opened by a Looker administrator, could run attacker-supplied script. Exploitation requires at least one Looker extension insta...