Apereo · Sakai · CVE-2019-16148
**Name of the Vulnerable Software and Affected Versions**
Sakai versions prior to 12.7
**Description**
The issue allows for cross-site scripting (XSS) attacks via a chat user name.
**Recommendations**
For versions prior to 12.7, update to version 12.7 or later to resolve the issue.