Lucene search
HistoryJun 13, 2023 - 5:15 p.m.
CVE-2023-28598
zoom
linux
cve-2023-28598
html injection
vulnerability
chat crash
nvd
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6.4 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
34.8%
Zoom for Linux clients prior to 5.13.10 contain an HTML injection vulnerability. If a victim starts a chat with a malicious user it could result in a Zoom application crash.
Affected configurations
Node
zoomzoomRange<5.13.10linux
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Zoom for Linux clients",
"vendor": "Zoom Video Communications, Inc.",
"versions": [
{
"status": "affected",
"version": "before 5.13.10"
}
]
}
]Related
nessus
nessus
Zoom Client for Meetings < 5.13.10 Vulnerability (ZSB-23006)
2023-06-13 00:00:00
prion
prion
Design/Logic Flaw
2023-06-13 17:15:00
nvd
nvd
CVE-2023-28598
2023-06-13 17:15:14
cvelist
cvelist
CVE-2023-28598
2023-06-13 16:49:29
openvas
openvas
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6.4 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
34.8%
Related for CVE-2023-28598