Critical Salesforce Vulnerability Exposes Global Users to SOQL Injection Attacks
- Joseph K
- Jun 9, 2025
- 1 min read
In June 2025, a security researcher uncovered a critical SOQL (Salesforce Object Query Language) injection vulnerability in a default Salesforce Aura controller, affecting potentially thousands of deployments and millions of user records.
The discovery highlights the risks of dynamic query construction and the importance of secure coding practices in enterprise cloud platforms.
Comments