1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Salesforce plugs silly website XSS hole, hopes nobody spotted it

Discussion in 'The Register' started by RSS, Aug 14, 2015.

  1. RSS

    RSS New Member Member

    Web development 101: Thou shalt stop thy users from inputting JavaScript


    A cross-site scripting (XSS) vulnerability on Salesforce's website might have been abused to pimp phishing attacks or hijack user accounts. Fortunately the bug has been resolved, apparently before it caused any harm.…

    Continue reading...
     

Share This Page