FetLife: Stored XSS via Angular Expression injection via Subject while starting conversation with other users.

The reporter pointed out that the Subject field for sending private messages using FetLife's onsite chat was vulnerable to a stored XSS exploit, allowing people to execute potentially malicious contents on the receiving end of the message...