CVE-2025-43699

Medium CVSS: 5.3

Client-Side Enforcement of Server-Side Security vulnerability in Salesforce OmniStudio (FlexCards) allows bypass of required permission check.

This impacts OmniStudio: before Spring 2025

Vendor

Product

CWE

CWE-602

Yayın Tarihi

2025-06-10 12:15:24

Güncelleme

2025-06-18 14:15:44

Source Identifier

security@salesforce.com

KEV Date Added

Kategoriler

CWE-602 MEDIUM 2025

Referanslar

https://help.salesforce.com/s/articleView?id=004980323&type=1