Unrated severityNVD Advisory· Published Jan 24, 2026· Updated Apr 29, 2026
CVE-2026-22583
CVE-2026-22583
Description
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Salesforce Marketing Cloud Engagement (CloudPagesUrl module) allows Web Services Protocol Manipulation. This issue affects Marketing Cloud Engagement: before January 21st, 2026.
Affected products
2before January 21st, 2026+ 1 more
- (no CPE)range: before January 21st, 2026
- (no CPE)range: 0
Patches
Vulnerability mechanics
References
1News mentions
1- ThreatsDay Bulletin: Edge Plaintext Passwords, ICS 0-Days, Patch-or-Die Alerts and 25+ New StoriesThe Hacker News · May 7, 2026