Critical SOQL Injection 0-Day Vulnerability in Salesforce Affects Millions Worldwide
Posted: Wed Jun 11, 2025 5:15 am
A critical zero-day vulnerability discovered in Salesforce‘s default controller has exposed millions of user records across thousands of deployments worldwide.
The security flaw, found in the built-in aura://CsvDataImportResourceFamilyController/ACTION$getCsvAutoMap controller, allowed attackers to extract sensitive user information and document details through SOQL injection techniques.
https://cybersecuritynews.com/soql-inje ... erability/
The security flaw, found in the built-in aura://CsvDataImportResourceFamilyController/ACTION$getCsvAutoMap controller, allowed attackers to extract sensitive user information and document details through SOQL injection techniques.
https://cybersecuritynews.com/soql-inje ... erability/