Name of the Vulnerable Software and Affected Versions WhatsApp-Chat-Exporter versions prior to 0.9.5

Description A Cross-Site Scripting (XSS) issue was discovered in the HTML output of chats, due to the absence of autoescape=True when setting the environment, which is intended to be mitigated by Jinja's escape function. Although the actual impact is considered low because the HTML file is viewed offline, an adversary may still inject malicious payloads into the chat through WhatsApp. All users are affected.

Recommendations For versions prior to 0.9.5, update the exporter to version 0.9.5 or later to resolve the issue.