MEDIUM
Screets
CVE published 2026-06-04
CVE-2019-25737
CVE-2019-25737 is a stored cross-site scripting (XSS) vulnerability in Live Chat Unlimited 2.8.3. The vulnerability allows unauthenticated attackers to inject malicious scripts through the chat input field. Attackers can submit payloads containing script tags and event handlers that execute in the admin area, enabling cookie theft or forced redirects to malicious websites. The CVSS score for this vulnerab [truncated]