This looks like SQL code. Zoom doesn't even use SQL. So there is zero chance this code will be executed by Zoom.

It is probably an automated script doing this. I would hope a real hacker would be smarter and come up with something that had half a chance of working

Thanks.
Can you see a scenario where someone can inject code into the search box? Does the search code acount for such situation.
Myalo

Cross site scripting XSS issues are the higher risk area and some old versions of the code had some theoretical holes. But even a successful XSS exploit with Zoom wouldn't usually compromise your site in any case, they are, for most sites, just an inconvenience.

We have closed off all avenues of attack that we are aware of. And are aren't aware of any successful attacks amongst our users. If you are using V4 and are concerned about XSS, you should upgrade to V5 however.

Don't be too alarmed however. Pretty much every HTML form on the web is being subjected to these automatic attacks. You only notice it with Zoom becuase you check the logs.