Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
Knowbe4Security Awareness Training

2 matches found

CVE
CVEadded 2025/04/20 12:0 a.m.58 views

CVE-2020-36845

The CVE-2020-36845 entry concerns KnowBe4 Security Awareness Training prior to 2020-01-10. A redirect function does not validate the destination URL, and the HTTP response contains a SCRIPT element that sets window.location.href to an arbitrary https URL, enabling an insecure redirect. Affected p...

6.1CVSS7AI score0.00211EPSS
CVE
CVEadded 2025/04/20 12:0 a.m.57 views

CVE-2020-36844

KnowBe4 Security Awareness Training is affected by CVE-2020-36844, a reflected XSS in versions before 2020-01-10. The vulnerability arises from a response SCRIPT element that sets window.location.href to a JavaScript URL, enabling an attacker-controlled script reflected in the page. The CVSS base...

6.1CVSS6.8AI score0.00229EPSS