Back to directory
WRITEUP #1258

Exploits Explained: Permission misconfiguration within Salesforce JavaScript Remoting tokens used for Apex Controllers

RCESalesforceSecurity misconfigurationBroken Access Control
by@Zombiehelp54(Mahmoud Gamal)
Program
-
Published
Apr 21, 2023
Added to HackDex
Apr 27, 2023
Read Full Writeuphttps://www.synack.com/blog/permission-problem-salesforce-javascript-remoting-token/
RELATED WRITEUPS
Vulnerabilities in Open Source C2 Frameworks
RCEOS command injection
[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node package
RCEDependency confusion
Attacking PowerShell CLIXML Deserialization
DeserializationInsecure deserialization
Zero-Click Calendar invite — Critical zero-click vulnerability chain in macOS
RCEArbitrary file write
We Spent $20 To Achieve RCE And Accidentally Became The Admins Of .MOBI
RCETLD hacking

Built with ❤️ by Shubham Rawat