Cross-site scripting in certain Zoom Workplace Clients may allow an unauthenticated user to conduct a denial of service via network access.
2025-09-09T22:15:33.013
2025-10-06T17:45:49.187
Analyzed
CVSSv3.1: 4.3 (MEDIUM)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | zoom | meeting_software_development_kit | < 6.5.0 | Yes |
| Application | zoom | meeting_software_development_kit | < 6.5.0 | Yes |
| Application | zoom | meeting_software_development_kit | < 6.5.0 | Yes |
| Application | zoom | meeting_software_development_kit | < 6.5.0 | Yes |
| Application | zoom | rooms | < 6.5.0 | Yes |
| Application | zoom | rooms | < 6.5.0 | Yes |
| Application | zoom | rooms | < 6.5.0 | Yes |
| Application | zoom | rooms | < 6.5.0 | Yes |
| Application | zoom | rooms_controller | < 6.5.0 | Yes |
| Application | zoom | rooms_controller | < 6.5.0 | Yes |
| Application | zoom | rooms_controller | < 6.5.0 | Yes |
| Application | zoom | rooms_controller | < 6.5.0 | Yes |
| Application | zoom | workplace | < 6.5.0 | Yes |
| Application | zoom | workplace_desktop | < 6.5.0 | Yes |
| Application | zoom | workplace_desktop | < 6.5.0 | Yes |
| Application | zoom | workplace_desktop | < 6.5.0 | Yes |
| Application | zoom | workplace_virtual_desktop_infrastructure | < 6.3.14 | Yes |
| Application | zoom | workplace_virtual_desktop_infrastructure | < 6.4.12 | Yes |