Both global and Room chat are vulnerable to XSS attack in Apache OpenMeetings 3.2.0.
apache openmeetings 3.2.1
apache openmeetings 3.2.0