CVE-2021-34425

Name of the Vulnerable Software and Affected Versions: Zoom Client for Meetings versions prior to 5.7.3

Description: The issue concerns a server-side request forgery vulnerability in the chat's "link preview" functionality. If a user enables this feature, a malicious actor could trick the user into sending arbitrary HTTP GET requests to URLs that the actor cannot reach directly.

Recommendations: For versions prior to 5.7.3, update to version 5.7.3 or later to resolve the issue. As a temporary workaround, consider disabling the "link preview" feature in the chat until a patch is available.