35 matches found
CVE-2023-49175
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kreativo Pro KP Fastest Tawk.To Chat allows Stored XSS.This issue affects KP Fastest Tawk.To Chat: from n/a through 1.1.1...
EUVD-2021-11826
Malware in sbrugna...
EUVD-2025-31594
Malicious code in bioql PyPI...
EUVD-2025-22733
Malicious code in bioql PyPI...
CVE-2025-57483
A reflected cross-site scripting XSS vulnerability in tawk.to chatbox widget v4 allows attackers to execute arbitrary Javascript in the context of the user's browser via injecting a crafted payload into the vulnerable parameter...
CVE-2025-57483
A reflected cross-site scripting XSS vulnerability in tawk.to chatbox widget v4 allows attackers to execute arbitrary Javascript in the context of the user's browser via injecting a crafted payload into the vulnerable parameter...
CVE-2025-57483
CVE-2025-57483 affects the tawk.to chatbox widget v4. It describes a reflected XSS due to unvalidated input in a vulnerable parameter, allowing arbitrary Javascript execution in the user’s browser. Multiple connected sources corroborate the basic vulnerability and impacted component. There is no ...
PT-2025-39845
Name of the Vulnerable Software and Affected Versions tawk.to chatbox widget version 4 Description A reflected cross-site scripting XSS issue exists in tawk.to chatbox widget version 4. This allows attackers to execute arbitrary Javascript in the context of a user’s browser by injecting a crafted...
CVE-2025-57483
A reflected cross-site scripting XSS vulnerability in tawk.to chatbox widget v4 allows attackers to execute arbitrary Javascript in the context of the user's browser via injecting a crafted payload into the vulnerable parameter...
CVE-2025-57483
A reflected cross-site scripting XSS vulnerability in tawk.to chatbox widget v4 allows attackers to execute arbitrary Javascript in the context of the user's browser via injecting a crafted payload into the vulnerable parameter...
CVE-2025-45960
Cross Site Scripting vulnerability in tawk.to Live Chat v.1.6.1 allows a remote attacker to execute arbitrary code via the web application stores and displays user-supplied input without proper input validation or encoding...
CVE-2025-45960
Cross Site Scripting vulnerability in tawk.to Live Chat v.1.6.1 allows a remote attacker to execute arbitrary code via the web application stores and displays user-supplied input without proper input validation or encoding...
CVE-2025-45960
Cross Site Scripting vulnerability in tawk.to Live Chat v.1.6.1 allows a remote attacker to execute arbitrary code via the web application stores and displays user-supplied input without proper input validation or encoding...
CVE-2025-45960
CVE-2025-45960 – tawk.to Live Chat v1.6.1 exposes a cross-site scripting vulnerability where user-supplied input is not properly validated or encoded in the web app, allowing a remote attacker to execute arbitrary code. The CVE entry and multiple sources (Red Hat, NVD, CVE List) confirm the issue...
CVE-2025-45960
Cross Site Scripting vulnerability in tawk.to Live Chat v.1.6.1 allows a remote attacker to execute arbitrary code via the web application stores and displays user-supplied input without proper input validation or encoding...
CVE-2025-45960
Cross Site Scripting vulnerability in tawk.to Live Chat v.1.6.1 allows a remote attacker to execute arbitrary code via the web application stores and displays user-supplied input without proper input validation or encoding...
PT-2025-30900 · Unknown · Tawk.To Live Chat
Name of the Vulnerable Software and Affected Versions: tawk.to Live Chat version 1.6.1 Description: A Cross Site Scripting issue exists in tawk.to Live Chat. The web application stores and displays user-supplied input without proper input validation or encoding, potentially allowing a remote...
tawk.to Live Chat 安全漏洞
tawk.to Live Chat is an online chat software from the US-based company tawk.to. A security vulnerability exists in tawk.to Live Chat version 1.6.1, which stems from insufficient input validation and could lead to cross-site scripting...
Cross site scripting
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kreativo Pro KP Fastest Tawk.To Chat allows Stored XSS.This issue affects KP Fastest Tawk.To Chat: from n/a through 1.1.1...
CVE-2023-49175
CVE-2023-49175 concerns KP Fastest Tawk.to Chat (WordPress plugin) versions