CVE-2025-53897
Kiteworks MFT has a Cross-Site Request Forgery (CSRF) vulnerability
Kiteworks MFT orchestrates end-to-end file transfer workflows. Prior to version 9.1.0, this vulnerability could allow an external attacker to gain access to log information from the system by tricking an administrator into browsing a specifically crafted fake page of Kiteworks MFT. This issue has been patched in version 9.1.0.
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
Produtos afetados
kiteworks · security-advisoriesQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →