A Cross-site scripting (XSS) vulnerability exists in Conversation Overview Nickname in Cryptocat prior to 2.0.22.
cryptocat project cryptocat