CVE-2026-23635 Kiteworks Secure Data Forms has a potential Unprotected Transport of Credentials

Kiteworks is a private data network PDN. In Kiteworks Secure Data Forms prior to version 9.2.1, a misconfiguration of the security attributes could potentially lead to Unprotected Transport of Credentials under certain circumstances. Upgrade Kiteworks to version 9.2.1 or later to receive a patch...

EUVD-2026-15540

Kiteworks is a private data network PDN. In Kiteworks Secure Data Forms prior to version 9.2.1, a misconfiguration of the security attributes could potentially lead to Unprotected Transport of Credentials under certain circumstances. Upgrade Kiteworks to version 9.2.1 or later to receive a patch...

CVE-2026-24750

Kiteworks is a private data network PDN. In Kiteworks Secure Data Forms prior to version 9.2.1, an authenticated attacker could exploit an Improper Neutralization of Input During Web Page Generation as Stored XSS when modifying forms. Upgrade Kiteworks to version 9.2.1 or later to receive a patch...

CVE-2026-24750

Kiteworks Secure Data Forms (before v9.2.1) is affected by an Stored XSS in the web-page generation step when modifying forms, caused by improper input neutralization. An authenticated attacker can exploit this with access to form modification flows. A patch is available in version 9.2.1 and late...

CVE-2026-24750 Kiteworks Secure Data Forms vulnerable to Cross-site Scripting

Kiteworks is a private data network PDN. In Kiteworks Secure Data Forms prior to version 9.2.1, an authenticated attacker could exploit an Improper Neutralization of Input During Web Page Generation as Stored XSS when modifying forms. Upgrade Kiteworks to version 9.2.1 or later to receive a patch...

EUVD-2026-15455

Kiteworks is a private data network PDN. In Kiteworks Secure Data Forms prior to version 9.2.1, an authenticated attacker could exploit an Improper Neutralization of Input During Web Page Generation as Stored XSS when modifying forms. Upgrade Kiteworks to version 9.2.1 or later to receive a patch...

PT-2026-27785

Name of the Vulnerable Software and Affected Versions Kiteworks versions prior to 9.2.1 Description Kiteworks is a private data network PDN. In Kiteworks Secure Data Forms, an authenticated attacker could exploit an Improper Neutralization of Input During Web Page Generation, resulting in Stored...

Kiteworks Secure Data Forms 安全漏洞

Kiteworks Secure Data Forms is a data interaction tool provided by the American company Kiteworks. It offers capabilities for secure data collection and form submission management. Versions of Kiteworks Secure Data Forms prior to 9.2.1 contained security vulnerabilities. These vulnerabilities wer...

Kiteworks Secure Data Forms 代码问题漏洞

Kiteworks Secure Data Forms is a data interaction tool provided by the American company Kiteworks, which offers capabilities for secure data collection and form submission management. Versions of Kiteworks Secure Data Forms prior to 9.2.1 had code vulnerabilities due to lack of validation, which...

PT-2026-28067

Kiteworks is a private data network PDN. In Kiteworks Secure Data Forms prior to version 9.2.1, the manager of a form could potentially exploit an Unrestricted Upload of File with Dangerous Type due to a missing validation. Upgrade Kiteworks to version 9.2.1 or later to receive a patch...