Medium
CVSS 4.1
Overview
Cross site scripting in Zoom Desktop Client for Linux before version 5.17.10 may allow an authenticated user to conduct a denial of service via network access.
CVE-2024-27242
Cross site scripting in Zoom Desktop Client for Linux before version 5.17.10 may...
Risk analysis
This vulnerability is rated 🟡 MEDIUM.
- CVSS: 4.1 (MEDIUM)
- Detected tags: dos, xss (tag impact: MODERATE)
Recommended actions:
- Rate limiting, resource quotas and circuit breakers.
- Apply context-aware output encoding.
- Enable Content-Security-Policy and HttpOnly/SameSite cookies.