Product
An authenticated attacker can exploit a stored XSS vulnerability (CVE-2026-24750) in Kiteworks Secure Data Forms before version 9.2.1 due to improper neutralization of input, leading to arbitrary script execution in the context of other users.