Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/04/25 9:19 p.m.11 views

CVE-2020-36844

The KnowBe4 Security Awareness Training application before 2020-01-10 allows reflected XSS. The response has a SCRIPT element that sets window.location.href to a JavaScript URL...

6.1CVSS6.8AI score0.0025EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/04/25 9:19 p.m.5 views

CVE-2020-36845

The KnowBe4 Security Awareness Training application before 2020-01-10 contains a redirect function that does not validate the destination URL before redirecting. The response has a SCRIPT element that sets window.location.href to an arbitrary https URL...

6.1CVSS7AI score0.0023EPSS
Exploits1
CVE
CVE
added 2025/04/20 12:0 a.m.65 views

CVE-2020-36845

The CVE-2020-36845 entry concerns KnowBe4 Security Awareness Training prior to 2020-01-10. A redirect function does not validate the destination URL, and the HTTP response contains a SCRIPT element that sets window.location.href to an arbitrary https URL, enabling an insecure redirect. Affected p...

6.1CVSS7AI score0.0023EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2025/04/20 12:0 a.m.15 views

CVE-2020-36844

The KnowBe4 Security Awareness Training application before 2020-01-10 allows reflected XSS. The response has a SCRIPT element that sets window.location.href to a JavaScript URL...

6.1CVSS0.0025EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/04/20 12:0 a.m.10 views

CVE-2020-36845

The KnowBe4 Security Awareness Training application before 2020-01-10 contains a redirect function that does not validate the destination URL before redirecting. The response has a SCRIPT element that sets window.location.href to an arbitrary https URL...

5.3CVSS0.0023EPSS
Exploits1References1
Rows per page
Query Builder