CVE-2025-53897

Published November 29th, 2025

View on NVD ↗

CVSS v3

6.8

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

Kiteworks MFT orchestrates end-to-end file transfer workflows. Prior to version 9.1.0, this vulnerability could allow an external attacker to gain access to log information from the system by tricking an administrator into browsing a specifically crafted fake page of Kiteworks MFT. This issue has been patched in version 9.1.0.

kiteworks/security-advisories

Security advisories for all published CVEs of Kiteworks

GitHub