The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.2 is susceptible to a URL parsing vulnerability. If a malicious Zoom meeting URL is opened, the malicious link may direct the user to connect to an arbitrary network address, leading to additional attacks including session takeovers.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HZoom Meetings
APPZoom< 5.12.2Zoom Rooms For Conference Rooms
APPZoom< 5.12.2Zoom Virtual Desktop Infrastructure
APPZoom< 5.12.2
Related vulnerabilities
Improper neutralization of special elements in Zoom Desktop Client for Windows and Zoom VDI Client before 5.15...
The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.11.0 are susceptib...
A buffer overflow vulnerability was discovered in Zoom Client for Meetings (for Android, iOS, Linux, macOS, an...
The Zoom Client for Meetings for Windows in all versions before 5.3.0 fails to properly validate the certifica...
Improper access control in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom SDKs for Win...