Salesforce Aura Exposure

Salesforce Aura is publicly accessible.

  • salesforce
  • aura
  • exposure

Salesforce Aura is a UI framework that enables users to create enterprise-level applications with Salesforce. The Lightning Component framework is built on the open-source Aura framework.

The Aura API provides many features, some of which are considered dangerous.

Impact

Attackers can retrieve custom object names and retrieve records that may contain sensitive information.

Solution

Ensure that all Salesforce security updates are applied. Consult with best-practices guidelines for Salesforce applications.

References

Was this page helpful?