What the vulnerability does

01Description

A blind self XSS vulnerability exists in RocketChat LiveChat <v1.9 that could allow an attacker to trick a victim pasting malicious code in their chat instance.

Key dates

02Disclosure timeline

April 1, 2022 CVE published
August 3, 2024 Record updated