The plugin doesn't filter user input on chat, leading to bad code inserted on it be reflected on the user dashboard.
1. Enter `#"><image src=/ onerror=alert("XSS")>` as the malicious payload into the chatbot input.
2. See XSS vulnerability.
2023-05-22 (about 4 months ago)
2023-05-24 (about 4 months ago)
2023-05-25 (about 4 months ago)