kkFileView is a Spring-Boot-based online file preview project from Keking Technology (China). kkFileView is vulnerable to a cross-site scripting vulnerability that stems from the setWatermarkAttribute function in its /picturesPreview file, which allows attackers to implement cross-site scripting. No details of the vulnerability are available at this time.