VYPR
High severity8.2NVD Advisory· Published Jun 1, 2026· Updated Jun 3, 2026

CVE-2026-24752

CVE-2026-24752

Description

Kiteworks is a private data network (PDN). Prior to version 9.3.0, a reflected XSS vulnerability in Kiteworks Secure Data Forms could allow an external attacker to trick a user into executing arbitrary JavaScript code. Upgrade Kiteworks to version 9.3.0 or later to receive a patch.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3

Patches

Vulnerability mechanics

References

1

News mentions

1