VulnerAlert
APPLICATION
20-04-2025 19:20
CVE-2020-36845
Vulnerabilidad documentada
Sin puntuación
Tags
#application
#arbitrary
#security
Descripción
The KnowBe4 Security Awareness Training application before 2020-01-10 contains a redirect function that does not validate the destination URL redirecting. The response has SCRIPT element sets window.location.href to an arbitrary https URL.
https://www.doyler.net/security-not-included/knowbe4-vulnerabilities
Referencia
CVE relacionado(s)
Link externo
Ver detalles
Fuente
https://nvd.nist.gov/vuln/detail/CVE-2020-36845
Resultados similares
Coincidentes en almenos en 50% de los tags
20-04-2025
CVE-2020-36844
The KnowBe4 Security Awareness Training application before 2020-01-10 allows reflected XSS. The...
Ver información
19-04-2025
CVE-2016-6772
An elevation of privilege vulnerability in Wi-Fi could enable a local malicious application to ...
Ver información
Icons made by
Freepik
from
www.flaticon.com
Este Proyecto es cofinanciado por el Consejo Nacional de Ciencia y Tecnología (CONACYT) a través del PROINNOVA
Proyecto realizado por
