Lucene search
+L

6 matches found

redhatcve
redhatcve
added 2025/04/25 9:19 p.m.5 views

CVE-2020-36845

The KnowBe4 Security Awareness Training application before 2020-01-10 contains a redirect function that does not validate the destination URL before redirecting. The response has a SCRIPT element that sets window.location.href to an arbitrary https URL...

6.1CVSS7AI score0.0023EPSS
Exploits1
nvd
nvd
added 2025/04/20 10:15 p.m.18 views

CVE-2020-36845

The KnowBe4 Security Awareness Training application before 2020-01-10 contains a redirect function that does not validate the destination URL before redirecting. The response has a SCRIPT element that sets window.location.href to an arbitrary https URL...

6.1CVSS0.0023EPSS
Exploits1References1
circl
circl
added 2025/04/20 10:5 p.m.11 views

CVE-2020-36845

creationtimestamp| type| source ---|---|--- 2025-04-20 22:05:03+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/12621 2025-04-20 22:49:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lnbqbju5rz2t 2025-04-21 02:15:51+00:00| seen| https://t.me/cvedetector/23419 2025-08-09...

6.1CVSS4.8AI score0.0023EPSS
Exploits1References3
cve
cve
added 2025/04/20 12:0 a.m.65 views

CVE-2020-36845

The CVE-2020-36845 entry concerns KnowBe4 Security Awareness Training prior to 2020-01-10. A redirect function does not validate the destination URL, and the HTTP response contains a SCRIPT element that sets window.location.href to an arbitrary https URL, enabling an insecure redirect. Affected p...

6.1CVSS7AI score0.0023EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2025/04/20 12:0 a.m.10 views

CVE-2020-36845

The KnowBe4 Security Awareness Training application before 2020-01-10 contains a redirect function that does not validate the destination URL before redirecting. The response has a SCRIPT element that sets window.location.href to an arbitrary https URL...

5.3CVSS0.0023EPSS
Exploits1References1
vulnrichment
vulnrichment
added 2025/04/20 12:0 a.m.5 views

CVE-2020-36845

The KnowBe4 Security Awareness Training application before 2020-01-10 contains a redirect function that does not validate the destination URL before redirecting. The response has a SCRIPT element that sets window.location.href to an arbitrary https URL...

5.3CVSS7AI score0.0023EPSS
Exploits1References1
Rows per page
Query Builder