SQL injection vulnerability in the Live Chat (com_livechat) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the last parameter to getChatRoom.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Joomla LiveChat component version 2.0 suffers from cross site scripting and remote SQL injection vulnerabilities. Note that this finding houses site-specific data.