1. Severity: medium
2. Reported by: Islam Elgohary
3. Description:
Chat history of chat with the admin is saved in the browser cookies and not erased after a looged in user logs out.
Any user (logged in or not) who uses the browser later on can read the chat between the previous client or previous Business and the admin and know details about their issues.
4. Steps to reproduce the issue:
1) Login as a business
2) chat with admin
3) logout
4) chat history is not erased
5. Expected result:
chat history of logged in user should be erased after they lgout
You are not expected to provide sensitive details in a live chat with support, also this is out of our hands and depends on the cloud service crisp.im that provides the service.
1. Severity: medium 2. Reported by: Islam Elgohary 3. Description: Chat history of chat with the admin is saved in the browser cookies and not erased after a looged in user logs out. Any user (logged in or not) who uses the browser later on can read the chat between the previous client or previous Business and the admin and know details about their issues. 4. Steps to reproduce the issue:
1) Login as a business 2) chat with admin 3) logout 4) chat history is not erased
5. Expected result: chat history of logged in user should be erased after they lgout