Loading market data...
← Back to CVE feed

CVE-2019-25737

HIGH CVSS 7.2 View on NVD ↗

Description

Live Chat Unlimited 2.8.3 contains a stored cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts through the chat input field. Attackers can submit payloads containing script tags and event handlers that execute in the admin area, enabling cookie theft or forced redirects to malicious websites.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Published: Jun 04, 2026 14:16 UTC Modified: Jun 04, 2026 15:00 UTC