CVE-2026-24754EPSS p3.3%

CVE-2026-24754CVE-2026-24754

accellion / kiteworks

Description

Kiteworks is a private data network (PDN). Prior to version 9.3.0, a stored XSS vulnerability in Kiteworks Secure Data Forms could allow an authenticated attacker to execute arbitrary JavaScript code in other users' sessions. Upgrade Kiteworks to version 9.3.0 or later to receive a patch.

Scoring

CVSS 5.4 ()
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS0.14% probability of exploitation · percentile 3.3% · 2026-06-19T12:03:05Z
Last modified2026-06-03

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-24752
CVE
CVE-2026-24751
CVE
CVE-2026-24782
CVE
CVE-2026-24756
CVE
CVE-2026-24753
CVE
CVE-2026-24755
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.