CVE-2023-28599

4.3MEDIUM

Key Information

Status
Zoom For Android
Zoom For iOS
Zoom For Linux
Zoom For Mac OS
Vendor
CVE Published:
13 June 2023

Summary

Zoom clients prior to 5.13.10 contain an HTML injection vulnerability. A malicious user could inject HTML into their display name potentially leading a victim to a malicious website during meeting creation.

Affected Version(s)

Zoom for Android = before 5.13.10

Zoom for iOS = before 5.13.10

Zoom for Linux = before 5.13.10

Refferences

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database
.