Unknown · Tawk.To Live Chat · CVE-2025-45960
**Name of the Vulnerable Software and Affected Versions**
tawk.to Live Chat version 1.6.1
**Description**
A Cross Site Scripting issue exists in tawk.to Live Chat. The web application stores and displays user-supplied input without proper input validation or encoding, potentially allowing a remote attacker to execute arbitrary code.
**Recommendations**
Update tawk.to Live Chat to a version with appropriate input validation and encoding to address this issue.