4 matches found
CVE-2025-12245
A vulnerability was identified in chatwoot up to 4.7.0. This vulnerability affects the function initPostMessageCommunication of the file app/javascript/sdk/IFrameHelper.js of the component Widget. The manipulation of the argument baseUrl leads to origin validation error. Remote exploitation of th...
CVE-2025-12245 chatwoot Widget IFrameHelper.js initPostMessageCommunication origin validation
A vulnerability was identified in chatwoot up to 4.7.0. This vulnerability affects the function initPostMessageCommunication of the file app/javascript/sdk/IFrameHelper.js of the component Widget. The manipulation of the argument baseUrl leads to origin validation error. Remote exploitation of th...
CVE-2025-12245
Chatwoot before 4.7.0 is affected by a vulnerability in the Widget component, specifically the initPostMessageCommunication function in app/javascript/sdk/IFrameHelper.js, where manipulating the baseUrl argument triggers an origin validation error. The issue allows remote exploitation and has bee...
EUVD-2025-36123
A vulnerability was identified in chatwoot up to 4.7.0. This vulnerability affects the function initPostMessageCommunication of the file app/javascript/sdk/IFrameHelper.js of the component Widget. The manipulation of the argument baseUrl leads to origin validation error. Remote exploitation of th...