CVE-2020-36845 — The KnowBe4 Security Awareness Training application before 2020-01-10 contains a redirect function that does not validate the destination URL before redirecting. The response has a SCRIPT element that — CVE Database · The Intelligence Room