CVE-2022-22785

Name of the Vulnerable Software and Affected Versions Zoom Client for Meetings versions prior to 5.10.0

Description The issue is related to the disclosure of information and could allow a remote attacker to reveal protected information. This could be used in a sophisticated attack to send an unsuspecting user's Zoom-scoped session cookies to a non-Zoom domain, potentially allowing for spoofing of a Zoom user.

Recommendations For versions prior to 5.10.0, update to version 5.10.0 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive information and session cookies to minimize the risk of exploitation.