7 matches found
EUVD-2020-17136
Malware in sbrugna...
The vulnerability of the Marketo Sales Insight Salesforce automated marketing software package lies in the lack of measures to cleanse input data, allowing attackers to execute arbitrary JavaScript code.
The vulnerability of the Marketo Sales Insight Salesforce automated marketing software package is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary JavaScript code...
CVE-2020-24416
Marketo Sales Insight plugin version 1.4355 and earlier is affected by a blind stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to...
CVE-2020-24416
Marketo Sales Insight plugin version 1.4355 and earlier is affected by a blind stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to...
CVE-2020-24416
CVE-2020-24416 affects Marketo Sales Insight plugin for Salesforce, specifically version 1.4355 and earlier, by a blind stored XSS in vulnerable form fields. Exploitation could cause arbitrary JavaScript execution in a victim’s browser when visiting pages containing the affected field. Multiple s...
CVE-2020-24416 Blind stored XSS in Marketo Sales insight plugin for SalesForce
Marketo Sales Insight plugin version 1.4355 and earlier is affected by a blind stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to...
APSB20-60 Security updates available for Marketo
Marketo has released an update for the Marketo Sales Insight package for Salesforce. This update addresses an important vulnerability. Successful exploitation could lead to arbitrary JavaScript execution in the browser...