A blind self XSS vulnerability exists in RocketChat LiveChat <v1.9 that could allow an attacker to trick a victim pasting malicious code in their chat instance.
[
{
"product": "Rocket.chat Livechat",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in v1.9"
}
]
}
]