@rocket.chat/livechat@1.8.0 vulnerabilities
-
latest version
1.13.3
-
latest non vulnerable version
-
first published
5 years ago
-
latest version published
2 years ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the @rocket.chat/livechat package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.| Vulnerability | Vulnerable Version |
|---|---|
@rocket.chat/livechat is a small and lightweight application designed to provide B2C (Business-to-customer) communication between Agents and website visitors and is developed with Preact. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) by tricking the victim to paste a crafted payload in their chat instance which will allow malicious code execution in their chat instance. How to fix Cross-site Scripting (XSS)? Upgrade |
<1.9.0
|