onionshare_cli is vulnerable to user impersonation. An attacker with access to the chat environment is able to update the name string to that of another user by appending a space character at the end of it, allowing to impersonate other participants.