Skip to main content

Security Awareness Training

2 CVEs product

Monthly

CVE-2020-36845 MEDIUM POC This Month

The KnowBe4 Security Awareness Training application before 2020-01-10 contains a redirect function that does not validate the destination URL before redirecting. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Open Redirect Security Awareness Training
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2020-36844 MEDIUM POC This Month

The KnowBe4 Security Awareness Training application before 2020-01-10 allows reflected XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Security Awareness Training
NVD
CVSS 3.1
6.1
EPSS
0.2%
EPSS 0% CVSS 5.3
MEDIUM POC This Month

The KnowBe4 Security Awareness Training application before 2020-01-10 contains a redirect function that does not validate the destination URL before redirecting. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Open Redirect Security Awareness Training
NVD
EPSS 0% CVSS 6.1
MEDIUM POC This Month

The KnowBe4 Security Awareness Training application before 2020-01-10 allows reflected XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Security Awareness Training
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy