Rocket.Chat · Rocketchat Livechat · CVE-2022-21830
**Name of the Vulnerable Software and Affected Versions**
RocketChat LiveChat versions prior to 1.9
**Description**
A blind self-XSS issue exists that could allow an attacker to trick a victim into pasting malicious code into their chat instance. This could lead to the execution of unauthorized code within the victim's chat instance.
**Recommendations**
For versions prior to 1.9, update to version 1.9 or later to resolve the issue. As a temporary workaround, consider restricting users' ability to paste code into their chat instances until a patch is applied.