Security News

Salesforce Patches XSS on a Subdomain (Threatpost)
2015-08-13 18:27

Salesforce.com patched a cross-site scripting vulnerability on one of its domains that could have led to phishing attacks.

Script injection vulnerability discovered in Salesforce (Help Net Security)
2015-08-13 08:15

Elastica discovered an injection vulnerability in Salesforce which opened the door for attackers to use a trusted Salesforce application as a platform to conduct phishing attacks to steal end-users' l...