TawkTo Widget Version <= 1.3.7 is vulnerable to Cross Site Scripting (XSS) due to processing user input in a way that allows JavaScript execution.Referenceshttps://cosmosofcyberspace.github.io/tawk_to_cve.html
