14 matches found
CVE-2026-29092
Kiteworks is a private data network PDN. Prior to version 9.2.1, a vulnerability in Kiteworks Email Protection Gateway session management allows blocked users to maintain active sessions after their account is disabled. This could allow unauthorized access to continue until the session naturally...
CVE-2026-29092
Kiteworks is a private data network PDN. Prior to version 9.2.1, a vulnerability in Kiteworks Email Protection Gateway session management allows blocked users to maintain active sessions after their account is disabled. This could allow unauthorized access to continue until the session naturally...
CVE-2026-29092
Kiteworks is a private data network PDN. Prior to version 9.2.1, a vulnerability in Kiteworks Email Protection Gateway session management allows blocked users to maintain active sessions after their account is disabled. This could allow unauthorized access to continue until the session naturally...
CVE-2026-29092 Kiteworks Email Protection Gateway has an Insufficient Session Expiration
Kiteworks is a private data network PDN. Prior to version 9.2.1, a vulnerability in Kiteworks Email Protection Gateway session management allows blocked users to maintain active sessions after their account is disabled. This could allow unauthorized access to continue until the session naturally...
EUVD-2026-15807
Kiteworks is a private data network PDN. Prior to version 9.2.1, a vulnerability in Kiteworks Email Protection Gateway session management allows blocked users to maintain active sessions after their account is disabled. This could allow unauthorized access to continue until the session naturally...
PT-2026-28070
Kiteworks is a private data network PDN. Prior to version 9.2.1, a vulnerability in Kiteworks Email Protection Gateway session management allows blocked users to maintain active sessions after their account is disabled. This could allow unauthorized access to continue until the session naturally...
CVE-2026-28272
Kiteworks is a private data network PDN. Prior to version 9.2.0, a vulnerability in Kiteworks Email Protection Gateway allows authenticated administrators to inject malicious scripts through a configuration interface. The stored script executes when users interact with the affected user interface...
CVE-2026-28272
Kiteworks is a private data network PDN. Prior to version 9.2.0, a vulnerability in Kiteworks Email Protection Gateway allows authenticated administrators to inject malicious scripts through a configuration interface. The stored script executes when users interact with the affected user interface...
CVE-2026-28272
Kiteworks Email Protection Gateway (pre-9.2.0) has a stored XSS vulnerability exploitable by authenticated administrators via a configuration interface. The stored script can execute when users interact with the affected UI, potentially impacting confidentiality and integrity (C=HIGH, I=HIGH) wit...
CVE-2026-28272
Kiteworks is a private data network PDN. Prior to version 9.2.0, a vulnerability in Kiteworks Email Protection Gateway allows authenticated administrators to inject malicious scripts through a configuration interface. The stored script executes when users interact with the affected user interface...
CVE-2026-28272 Kiteworks Email Protection Gateway has a Cross-site Scripting vulnerability
Kiteworks is a private data network PDN. Prior to version 9.2.0, a vulnerability in Kiteworks Email Protection Gateway allows authenticated administrators to inject malicious scripts through a configuration interface. The stored script executes when users interact with the affected user interface...
EUVD-2026-9067
Kiteworks is a private data network PDN. Prior to version 9.2.0, a vulnerability in Kiteworks Email Protection Gateway allows authenticated administrators to inject malicious scripts through a configuration interface. The stored script executes when users interact with the affected user interface...
PT-2026-22396
Name of the Vulnerable Software and Affected Versions Kiteworks versions prior to 9.2.0 Description Kiteworks Email Protection Gateway contains a flaw that allows authenticated administrators to inject malicious scripts through a configuration interface. These scripts execute when users interact...
Kiteworks 跨站脚本漏洞
Kiteworks is a security private network data software developed by Kiteworks Corporation in the United States. Versions of Kiteworks prior to 9.2.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from defects in the configuration interface of Email Protection Gateway,...