CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

RedhatCVE•added 2025/04/25 9:19 p.m.•5 views

CVE-2020-36844

The KnowBe4 Security Awareness Training application before 2020-01-10 allows reflected XSS. The response has a SCRIPT element that sets window.location.href to a JavaScript URL...

6.1CVSS6.8AI score0.00194EPSS

Exploits1

RedhatCVE•added 2025/04/25 9:19 p.m.•3 views

CVE-2020-36845

The KnowBe4 Security Awareness Training application before 2020-01-10 contains a redirect function that does not validate the destination URL before redirecting. The response has a SCRIPT element that sets window.location.href to an arbitrary https URL...

6.1CVSS7AI score0.00161EPSS

Exploits1

Cvelist•added 2025/04/20 12:0 a.m.•6 views

CVE-2020-36845

5.3CVSS0.00161EPSS

Exploits1References1

CVE•added 2025/04/20 12:0 a.m.•49 views

CVE-2020-36845

The CVE-2020-36845 entry concerns KnowBe4 Security Awareness Training prior to 2020-01-10. A redirect function does not validate the destination URL, and the HTTP response contains a SCRIPT element that sets window.location.href to an arbitrary https URL, enabling an insecure redirect. Affected p...

6.1CVSS7AI score0.00161EPSS

Exploits1References1Affected Software1

Cvelist•added 2025/04/20 12:0 a.m.•7 views

CVE-2020-36844

The KnowBe4 Security Awareness Training application before 2020-01-10 allows reflected XSS. The response has a SCRIPT element that sets window.location.href to a JavaScript URL...

6.1CVSS0.00194EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by