Kiteworks · Kiteworks · CVE-2026-24754
**Name of the Vulnerable Software and Affected Versions**
Kiteworks versions prior to 9.3.0
**Description**
A stored Cross-Site Scripting (XSS) issue in Kiteworks Secure Data Forms allows an authenticated attacker to execute arbitrary JavaScript code within the sessions of other users.
**Recommendations**
Update to version 9.3.0 or later.