CVE-2020-24416 is a vulnerability in Adobe Marketo Sales Insight
Published on October 20, 2020
Blind stored XSS in Marketo Sales insight plugin for SalesForce
Marketo Sales Insight plugin version 1.4355 (and earlier) is affected by a blind stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victims browser when they browse to the page containing the vulnerable field.
Weakness Type
What is a XSS Vulnerability?
The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
CVE-2020-24416 has been classified to as a XSS vulnerability or weakness.
Products Associated with CVE-2020-24416
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2020-24416 are published in Adobe Marketo Sales Insight:
Affected Versions
Adobe Marketo:- Version unspecified, <= 1.4355 is affected.
- Version unspecified, <= None is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.