Medium severity6.1NVD Advisory· Published Jun 4, 2026· Updated Jun 10, 2026
CVE-2019-25737
CVE-2019-25737
Description
Live Chat Unlimited 2.8.3 contains a stored cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts through the chat input field. Attackers can submit payloads containing script tags and event handlers that execute in the admin area, enabling cookie theft or forced redirects to malicious websites.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3<=2.8.3+ 1 more
- (no CPE)range: <=2.8.3
- (no CPE)range: <=2.8.3
- Range: <=2.8.3
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.