The vulnerability was related to the undocumented Salesforce Aura API and SOQL subqueries, allowing a blind SOQL injection attack to retrieve customer information, including personally identifiable information (PII).
This article has been indexed from Cyware News – Latest Cyber News