Encoding Error
CVE-2018-3777
Summary
Insufficient URI encoding in restforce before 3.0.0 allows attacker to inject arbitrary parameters into Salesforce API requests.
- LOW
- NETWORK
- HIGH
- UNCHANGED
- NONE
- NONE
- HIGH
- HIGH
CWE-172 - Encoding Error
The software does not properly encode or decode the data, resulting in unexpected values.
References
Advisory Timeline
- Published