説明
The Zoom Client for Meetings (for Android, iOS, Linux, MacOS, and Windows) before version 5.10.0 failed to properly constrain client session cookies to Zoom domains. This issue could be used in a more sophisticated attack to send an unsuspecting users Zoom-scoped session cookies to a non-Zoom domain. This could potentially allow for spoofing of a Zoom user.
AI分析AIによる分析
影響を受ける製品
zoommeetings
zoommeetings
zoommeetings
zoommeetings
zoommeetings
参照
- https://explore.zoom.us/en/trust/security/security-bulletinVendor Advisory
- https://explore.zoom.us/en/trust/security/security-bulletinVendor Advisory