CVE-2020-36844 – KnowBe4 Security Awareness Training Reflective Cross-Site Scripting

April 20, 2025

CVE ID : CVE-2020-36844

Published : April 20, 2025, 10:15 p.m. | 4 hours ago

Description : The KnowBe4 Security Awareness Training application before 2020-01-10 allows reflected XSS. The response has a SCRIPT element that sets window.location.href to a JavaScript URL.

Severity: 6.1 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2020-36845 – KnowBe4 Security Awareness Training Cross-Site Scripting (XSS)

Next Article CVE-2025-43929 – Kitty Open Actions Local File Execution Vulnerability

The Value-Driven AI Roadmap

This week in AI updates: Mistral’s new Le Chat features, ChatGPT updates, and more (September 5, 2025)

Designing For TV: Principles, Patterns And Practical Guidance (Part 2)

Neo4j introduces new graph architecture that allows operational and analytics workloads to be run together

Lenovo Legion Go 2 specs unveiled: The handheld gaming device to watch this October

As Windows 10 support ends, users weigh costly extended security program against upgrading to Windows 11

Lenovo’s Legion Glasses 2 update could change handheld gaming

Is Lenovo’s refreshed LOQ tower enough to compete? New OLED monitors raise the stakes at IFA 2025

External Forces Reshaping Financial Services in 2025 and Beyond

External Forces Reshaping Financial Services in 2025 and Beyond

Why It’s Time to Move from SharePoint On-Premises to SharePoint Online

Apple’s Big Move: The Future of Mobile

Lenovo Legion Go 2 specs unveiled: The handheld gaming device to watch this October

Lenovo Legion Go 2 specs unveiled: The handheld gaming device to watch this October

As Windows 10 support ends, users weigh costly extended security program against upgrading to Windows 11

Lenovo’s Legion Glasses 2 update could change handheld gaming

CVE-2020-36844 – KnowBe4 Security Awareness Training Reflective Cross-Site Scripting

20 Popular npm Packages With 2 Billion Weekly Downloads Compromised in Supply Chain Attack

TOR-Based Cryptojacking Attack Expands Through Misconfigured Docker APIs

CVE-2024-55567 – Insyde H2O UsbCoreDxe SMM Call Out Vulnerability

System Cleaner BleachBit Sees First ‘Major Update’ Since 2023

CVE-2024-7399: Samsung MagicINFO Vulnerability Now Actively Exploited in the Wild

A Comprehensive Coding Tutorial for Advanced SerpAPI Integration with Google Gemini-1.5-Flash for Advanced Analytics

Xbox and PC’s best L4D alternative has a new class gameplay video for you

Getting Creative With Versal Letters

How to Turn Ubuntu 24.04 into a KVM Hypervisor – Quick Setup with Web Management

Data Structures and Algorithms (DSA): A Complete Tutorial

CVE-2020-36844 – KnowBe4 Security Awareness Training Reflective Cross-Site Scripting

Related Posts