EPSS
Percentile
34.0%
A blind self XSS vulnerability exists in RocketChat LiveChat versions lower than 1.9 that could allow an attacker to trick a victim pasting malicious code in their chat instance.
github.com/RocketChat/Rocket.Chat.Livechat
github.com/RocketChat/Rocket.Chat.Livechat/pull/558
github.com/RocketChat/Rocket.Chat.Livechat/releases/tag/v1.9.0
hackerone.com/reports/1091118
nvd.nist.gov/vuln/detail/CVE-2022-21830