Shadowbyte

**Name of the Vulnerable Software and Affected Versions** Kissflow Work Platform Kissflow Application versions 2.0 through 4.2 **Description** A stored cross-site scripting (XSS) issue exists in Kissflow Work Platform Kissflow Application. This allows attackers to execute arbitrary web scripts or HTML by injecting a crafted payload. The issue affects the Account component of the platform. **Recommendations** Update Kissflow Work Platform Kissflow Application to a version later than 4.2.