MAL-2025-49170 Malicious code in epic-node-marketo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 37a5bcaefa79c4208736d118e3cffe13ed49b7656821501bce7473bb2c3bf762 The package epic-node-marketo was found to contain malicious code...

Malicious code in epic-node-marketo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 37a5bcaefa79c4208736d118e3cffe13ed49b7656821501bce7473bb2c3bf762 The package epic-node-marketo was found to contain malicious code...

EUVD-2025-37123

Malicious code in epic-node-marketo npm...

EUVD-2020-17136

Malware in sbrugna...

EUVD-2020-27992

Malware in sbrugna...

EUVD-2014-8216

Malware in sbrugna...

Malicious code in leadconduit-marketo (npm)

The package leadconduit-marketo was found to contain malicious code...

MAL-2025-25035 Malicious code in leadconduit-marketo (npm)

The package leadconduit-marketo was found to contain malicious code...

CVE-2020-6849

The marketo-forms-and-tracking plugin through 1.0.2 for WordPress allows wp-admin/admin.php?page=marketofat CSRF with resultant XSS...

CVE-2014-8379

Multiple cross-site scripting XSS vulnerabilities in the Marketo MA module before 7.x-1.5 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors related to field titles to the 1 Webform or 2 User sub-modules...

VulnCheck KEV: CVE-2014-8379

Multiple cross-site scripting XSS vulnerabilities in the Marketo MA module before 7.x-1.5 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script or HTML via vectors related to field titles to the 1 Webform or 2 User sub-modules...

WordPress Marketo Forms and Tracking Plugin <= 1.0.2 is vulnerable to Cross Site Scripting (XSS)

Software Marketo Forms and Tracking Type Plugin Vulnerable versions = 1.0.2 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2020-6849 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 49ac15351483 Credits Zeroauth...

Malicious Package

Overview epic-ue-marketo is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package w...

Adobe: Main Domain Takeover at https://www.marketo.net/

Resolved valid subdomain takeover report on Marketo. We appreciate the collaboration with the researcher...

Virginia National Guard suffers cyberattack as Marketo leaks data

By Waqas According to the organization, email accounts linked with Virginia National Guard were targeted in the cyberattack. This is a post from HackRead.com Read the original post: Virginia National Guard suffers cyberattack as Marketo leaks data...

A week in security (June 21 – June 27)

Last week on Malwarebytes Labs: Want to stop ransomware attacks? Send the cybercriminals to jail, says Brian Honan: Lock and Code S02E11 Atomic research institute breached via VPN vulnerability Hotel staff bust Hermes SMS scammer with suspiciously large number of cables City of Liège hit by...

The vulnerability of the Marketo Sales Insight Salesforce automated marketing software package lies in the lack of measures to cleanse input data, allowing attackers to execute arbitrary JavaScript code.

The vulnerability of the Marketo Sales Insight Salesforce automated marketing software package is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary JavaScript code...

Acronis: Subdomains takeover of register.acronis.com, promo.acronis.com, info.acronis.com and promosandbox.acronis.com

Summary: The Subdomains https://register.acronis.com, https://promo.acronis.com, https://info.acronis.com and https://promosandbox.acronis.com are vulnerable to takeover due to unclaimed marketo CNAME records. Anyone is able to own these subdomains at the moment. This vulnerability is called...

Marketo OneThird Sales Insight Cross-Site Scripting Vulnerability

Adobe Marketo Sales Insight is a sales insight software from American Odobe Adobe. It provides sellers with sales intelligence, advertising strategies, and lead analysis to improve sales efficiency. Marketo OneThird Sales Insight suffers from a cross-site scripting vulnerability that arises from ...

Adobe Releases Security Updates for Multiple Products

Adobe has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the following...