High severity8.1NVD Advisory· Published Sep 29, 2025· Updated Apr 15, 2026
CVE-2025-57483
CVE-2025-57483
Description
A reflected cross-site scripting (XSS) vulnerability in tawk.to chatbox widget v4 allows attackers to execute arbitrary Javascript in the context of the user's browser via injecting a crafted payload into the vulnerable parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: = 4
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.