CVE-2025-66460 Lookyloo vulnerable to XSS due to lack of escaping in HTML elements passed to Datatables
Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other. Prior to 1.35.3, Lookyloo passed improperly escaped values to cells rendered in datatables using the orthogonal-data feature. It is definitely exploitable from the popu...