Knowbe4 Security Awareness Training — known CVE vulnerabilities
Every CVE whose affected-product data names Knowbe4 Security Awareness Training, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2020-36844 — CVSS 6.1 (medium): The KnowBe4 Security Awareness Training application before 2020-01-10 allows reflected XSS. The response has a SCRIPT element that sets…
CVE-2020-36845 — CVSS 5.3 (medium): The KnowBe4 Security Awareness Training application before 2020-01-10 contains a redirect function that does not validate the destination…