maven›org.sakaiproject/chat-base›CVE-2019-161486.1 MEDIUMCross-site ScriptingSakai allows XSS via a chat user name.