Description Sakai through 12.6 allows XSS via a chat user name. Remediation References https://github.com/sakaiproject/sakai/pull/6971 Related Vulnerabilities CVE-2021-33587 Vulnerability in npm package css-what CVE-2022-31070 Vulnerability in npm package @ffdc/nestjs-proxy CVE-2018-3786 Vulnerability in npm package egg-scripts CVE-2020-4059 Vulnerability in npm package mversion CVE-2020-36282 Vulnerability in maven package com.rabbitmq.jms:rabbitmq-jms Severity High Classification CWE-79 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Tags Patch Third Party Advisory