3 matches found
VulnCheck KEV: CVE-2014-8379
Multiple cross-site scripting XSS vulnerabilities in the Marketo MA module before 7.x-1.5 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors related to field titles to the 1 Webform or 2 User sub-modules...
CVE-2014-8379
The CVE-2014-8379 entry concerns the Marketo MA module for Drupal (7.x) and its Webform and User sub-modules. The root cause is unsanitized field titles that allow cross-site scripting (XSS) by remote authenticated users with certain permissions. Affected versions are Marketo MA 7.x-1.3 and earli...
SA-CONTRIB-2014-082 - Marketo MA - Cross Site Scripting (XSS)
The Marketo MA module adds Marketo marketing automation tracking capability to your website as well as the ability to capture lead data during user registration and via webform integration. It consists of a base module as well as Marketo MA User Webform and Marketo MA User sub-modules. The Market...