Skip to main content

CVE-2025-49462: CWE-352 Cross-Site Request Forgery (CSRF) in Zoom Communications Inc. Zoom Clients

Low
VulnerabilityCVE-2025-49462cvecve-2025-49462cwe-352
Published: Thu Jul 10 2025 (07/10/2025, 16:24:14 UTC)
Source: CVE Database V5
Vendor/Project: Zoom Communications Inc.
Product: Zoom Clients

Description

Cross-site scripting in certain Zoom Clients before version 6.4.5 may allow an authenticated user to conduct a disclosure of information via network access.

Technical Details

Data Version
5.1
Assigner Short Name
Zoom
Date Reserved
2025-06-04T22:48:18.921Z
Cvss Version
3.1
State
PUBLISHED

Threat ID: 686fee50a83201eaaca8ca90

Added to database: 7/10/2025, 4:46:08 PM

Last updated: 7/10/2025, 4:46:08 PM

Views: 1

Actions

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats