Hi, one of our security people noted that the visualforce Marketo window within Salesforce (the Marketo sales insights) is a security threat especially for XSS attacks, meaning people trying to inject a script to a Marketo form and hack the system.
Is that true? if so, is there something we can do? He said that using captcha or recaptcha will not help in these cases and the fix should be on the server side.
Does anyone have any information about that?