| 5158 | Blind XSS in Spotify%27s Salesforce Integration |
Blind XSS
Salesforce |
Spotify |
Mohammed Diaa (@mhmdiaa) |
Bug Bounty | 2016-07-19 | 2023-06-13 |
| 4221 | Leaked Salesforce API access token at IKEA.com |
Information disclosure
Salesforce |
Ikea |
Jonathan Bouman (@JonathanBouman) |
Bug Bounty | 2019-04-04 | 2023-06-13 |
| 2508 | Exploiting Open Redirect - Whitelist Bypass Using Salesforce Environment |
Open redirect
Token theft
Salesforce |
NA |
Gaurav Nayak (@4auvar) |
Bug Bounty | 2021-06-02 | 2023-06-13 |
| 1678 | A Large-scale and Longitudinal Measurement Study of DKIM Deployment |
Email spoofing
Phishing |
Google
Mailchimp
Sendgrid
Salesforce |
Chuhan Wang |
Bug Bounty | 2022-04-01 | 2023-06-13 |
| 1366 | Tableau Server Leaks Sensitive Information From Reflected XSS |
Reflected XSS |
Salesforce |
Simon Bouchard (@SimTwisted) |
Bug Bounty | 2022-07-14 | 2023-06-13 |
| 1220 | Salesforce bug hunting to Critical bug |
Information disclosure
Salesforce |
NA |
Vuk Ivanovic |
Bug Bounty | 2022-08-15 | 2023-06-13 |
| 840 | Security and Privacy Failures in Popular 2FA Apps |
Cryptographic issues |
LastPass
Google
Twilio
Microsoft
Duo
Salesforce
Latch
Zoho |
Conor Gilsenan |
Bug Bounty | 2022-11-11 | 2023-06-13 |
| 166 | Exploits Explained: Permission misconfiguration within Salesforce JavaScript Remoting tokens used for Apex Controllers |
Salesforce
Security misconfiguration
Broken Access Control |
NA |
Mahmoud Gamal (@Zombiehelp54) |
Bug Bounty | 2023-04-21 | 2023-06-13 |
| 38 | Ghost Sites: Stealing Data From Deactivated Salesforce Communities |
Salesforce
Security misconfiguration |
NA |
Nitay Bachrach |
Bug Bounty | 2023-05-31 | 2023-06-13 |
