Researchers disclosed a critical flaw, named ForcedLeak, in Salesforce Agentforce that enables indirect prompt injection, risking CRM data exposure. Noma Labs researchers discovered a critical vulnerability, named ForcedLeak (CVSS 9.4), in Salesforce Agentforce that could be exploited by attackers to exfiltrate sensitive CRM data through an indirect prompt injection attack. The vulnerability only impacts organizations […]
First seen on securityaffairs.com
Jump to article: securityaffairs.com/182676/hacking/forcedleak-flaw-in-salesforce-agentforce-exposes-crm-data-via-prompt-injection.html
