Security Advisory

CVE-2026-28272

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-02-27 20:22:59

Last updated 2026-03-03 20:27:59

Assigner GitHub_M

State PUBLISHED

Description

Kiteworks is a private data network (PDN). Prior to version 9.2.0, a vulnerability in Kiteworks Email Protection Gateway allows authenticated administrators to inject malicious scripts through a configuration interface. The stored script executes when users interact with the affected user interface. Version 9.2.0 contains a patch for the issue.

← Browse all CVEs View on cve.org ↗