all InfoSec news
Exploits Explained: Permission misconfiguration within Salesforce JavaScript Remoting tokens used for Apex Controllers
Synack www.synack.com
Mahmoud Gamal is a member of the Synack Red Team. During a late-night hacking session, I tested a website built using the Salesforce Visualforce platform. This website allowed users to enter an application, submit it and retrieve the entry later by providing the reference number and password. While submitting an application, I noticed that there […]
The post Exploits Explained: Permission misconfiguration within Salesforce JavaScript Remoting tokens used for Apex Controllers appeared first on Synack.
apex application bugs and breaches controllers entry explained exploits exploits explained featured hackers hacking javascript misconfiguration password permission permission misconfiguration platform red team reference salesforce session synack synack red team team tokens website