Zoom released updates for vulnerabilities across various platforms, including the most severe cross-site scripting flaw which could compromise user data integrity. The vulnerabilities, with medium to low CVSS scores, could be exploited to inject malicious scripts or cause denial of service. Zoom addressed the issues in their latest updates for an extensive range of applications including desktop, mobile, VDI clients, Zoom Rooms, and the Meeting SDK.
Source: https://cybersecuritynews.com/zoom-workplace-apps-vulnerability/
"id": "zoo642040825",
"linkid": "zoom-video-communications",
"type": "Vulnerability",
"date": "4/2025",
"severity": "50",
"impact": "1",
"explanation": "Attack without any consequences"