CVE-2025-57483

Published September 29th, 2025

View on NVD ↗

CVSS v3

8.1

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

A reflected cross-site scripting (XSS) vulnerability in tawk.to chatbox widget v4 allows attackers to execute arbitrary Javascript in the context of the user's browser via injecting a crafted payload into the vulnerable parameter.

Jainil-89/CVE

Xss In Tawk.to Live Chat Support (CVE-2025-57483)

GitHub