#misconfiguration-vulnerabilities
#misconfiguration-vulnerabilities

[ follow ]

Threat Actors Mass-Scan Salesforce Experience Cloud via Modified AuraInspector Tool

Threat actors are exploiting misconfigured Salesforce Experience Cloud sites using a modified AuraInspector tool to extract sensitive data from overly permissive guest user profiles.

Information security

fromTechzine Global

1 month ago

Mandiant security tool AuraInspector prevents Salesforce problems

AuraInspector finds Aura-framework misconfigurations in Salesforce Experience Cloud that allow unauthorized access to sensitive backend data and reveals a GraphQL bypass to extract records.

[ Load more ]

#misconfiguration-vulnerabilities#misconfiguration-vulnerabilities

Threat Actors Mass-Scan Salesforce Experience Cloud via Modified AuraInspector Tool

Mandiant security tool AuraInspector prevents Salesforce problems

#misconfiguration-vulnerabilities
#misconfiguration-vulnerabilities