6 matches found
CVE-2020-36845
The KnowBe4 Security Awareness Training application before 2020-01-10 contains a redirect function that does not validate the destination URL before redirecting. The response has a SCRIPT element that sets window.location.href to an arbitrary https URL...
CVE-2020-36845
The KnowBe4 Security Awareness Training application before 2020-01-10 contains a redirect function that does not validate the destination URL before redirecting. The response has a SCRIPT element that sets window.location.href to an arbitrary https URL...
CVE-2020-36845
creationtimestamp| type| source ---|---|--- 2025-04-20 22:05:03+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/12621 2025-04-20 22:49:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lnbqbju5rz2t 2025-04-21 02:15:51+00:00| seen| https://t.me/cvedetector/23419 2025-08-09...
CVE-2020-36845
The CVE-2020-36845 entry concerns KnowBe4 Security Awareness Training prior to 2020-01-10. A redirect function does not validate the destination URL, and the HTTP response contains a SCRIPT element that sets window.location.href to an arbitrary https URL, enabling an insecure redirect. Affected p...
CVE-2020-36845
The KnowBe4 Security Awareness Training application before 2020-01-10 contains a redirect function that does not validate the destination URL before redirecting. The response has a SCRIPT element that sets window.location.href to an arbitrary https URL...
CVE-2020-36845
The KnowBe4 Security Awareness Training application before 2020-01-10 contains a redirect function that does not validate the destination URL before redirecting. The response has a SCRIPT element that sets window.location.href to an arbitrary https URL...