Salesforce Aura Exposure
Salesforce Aura is publicly accessible.
- salesforce
- aura
- exposure
Salesforce Aura is a UI framework that enables users to create enterprise-level applications with Salesforce. The Lightning Component framework is built on the open-source Aura framework.
The Aura API provides many features, some of which are considered dangerous.
Impact
Attackers can retrieve custom object names and retrieve records that may contain sensitive information.
Solution
Ensure that all Salesforce security updates are applied. Consult with best-practices guidelines for Salesforce applications.
References
Was this page helpful?