CVE-2023-28599
4.3MEDIUM
Key Information
- Status
- Zoom For Android
- Zoom For iOS
- Zoom For Linux
- Zoom For Mac OS
- Vendor
- CVE Published:
- 13 June 2023
Summary
Zoom clients prior to 5.13.10 contain an HTML injection vulnerability. A malicious user could inject HTML into their display name potentially leading a victim to a malicious website during meeting creation.
Affected Version(s)
Zoom for Android = before 5.13.10
Zoom for iOS = before 5.13.10
Zoom for Linux = before 5.13.10
Refferences
CVSS V3.1
Score:
4.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Collectors
NVD DatabaseMitre Database