CVE-2026-22582

Published: Jan 24, 2026

Modified: Apr 29, 2026

PUBLISHED

Description

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Salesforce Marketing Cloud Engagement (MicrositeUrl module) allows Web Services Protocol Manipulation. This issue affects Marketing Cloud Engagement: before January 21st, 2026.

Vendor	Product	Versions
Salesforce	Marketing Cloud Engagement	affected `0 - < January 21, 2026`

Weaknesses (CWE)

CWE-88

References

https://help.salesforce.com/s/articleView?id=005299346&type=1

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-22582

Description

Affected Products

Weaknesses (CWE)

References