CNNVD-202510-033 Information

CNNVD ID

CNNVD-202510-033

Related CVE

CVE-2025-57393

• CNNVD Published: 2025-10-01

Description (Chinese)

Kissflow Work Platform是美国Kissflow公司的一个低代码流程自动化平台。 Kissflow Work Platform v2.0版本至v4.2版本存在安全漏洞，该漏洞源于注入特制有效载荷，可能导致存储型跨站脚本攻击。

Description (English)

Kissflow Work Platform is a low-code process automation platform for Kissflow in the United States. There is a security gap between Kissflow Work Platform v. 2.0 and v. 4.2, which results from the injection of a special payload, which may result in a storage-type cross-station script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Kissflow

Published

2025-10-01

Last Modified

2026-02-24

References

http://kissflow.com https://github.com/ShadowByte1/CVE-Reports/blob/main/CVE-2025-57393.md