S4E

Salesforce CSP Bypass Scanner

This scanner detects the Salesforce CSP Bypass in digital assets. It identifies potential weaknesses in Salesforce's Content-Security-Policy implementation that could lead to XSS attacks, and helps secure Salesforce integrations by highlighting those CSP weaknesses.

Short Info

Level: Medium
Single Scan: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 25 days 3 hours
Scan only one: URL
Toolbox: -

Salesforce is a widely used customer relationship management (CRM) platform that helps businesses manage customer interactions and streamline processes. It is utilized by sales, customer service, and marketing teams to automate tasks and monitor customer engagement. Salesforce's flexible structure allows integration with numerous applications and services, expanding its utility across various industries.

The vulnerability detected by this scanner is focused on the Salesforce Content-Security-Policy (CSP), which is designed to prevent cross-site scripting (XSS) attacks. CSP is a security feature that helps mitigate the risk of XSS by restricting the sources from which content can be loaded. This scanner checks for bypasses in Salesforce's CSP that could allow malicious scripts to be executed, potentially compromising sensitive information.

Technically, the scanner targets Salesforce endpoints that send a Content-Security-Policy header. It submits specific test payloads designed to slip past the CSP and execute a script, then monitors whether execution succeeds. The vulnerability is reported if an injected script runs despite the CSP restrictions, revealing a weakness in Salesforce's protection mechanisms.
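As an added illustration of the kind of weakness such a scan is looking for (this is not S4E's scanner code, and it makes no claim about Salesforce's actual policy), the following parses a Content-Security-Policy header value and reports the directive settings under which an injected script would still be allowed to run: a missing script-src/default-src, 'unsafe-inline' without a nonce or hash, 'unsafe-eval', and wide-open source expressions. The sample headers are constructed.

```python
from typing import Dict, List

# Source expressions that make script-src effectively unrestricted.
WIDE_OPEN = {"*": "any origin", "http:": "any HTTP origin",
             "https:": "any HTTPS origin", "data:": "data: URLs"}

def parse_csp(header: str) -> Dict[str, List[str]]:
    """Split a CSP header value into {directive name: [source expressions]}."""
    policy: Dict[str, List[str]] = {}
    for clause in header.split(";"):
        tokens = clause.split()
        if not tokens:
            continue
        # Browsers honour only the first occurrence of a repeated directive.
        policy.setdefault(tokens[0].lower(), tokens[1:])
    return policy

def script_weaknesses(header: str) -> List[str]:
    """Return findings describing settings that let injected script execute."""
    policy = parse_csp(header)
    if "script-src" in policy:
        sources = policy["script-src"]
    elif "default-src" in policy:
        sources = policy["default-src"]  # script-src falls back to default-src
    else:
        return ["no script-src or default-src: script sources are unrestricted"]
    lowered = [s.lower() for s in sources]
    findings: List[str] = []
    # A nonce or hash source makes browsers ignore 'unsafe-inline', so only
    # report it when no such source is present.
    guarded = any(s.startswith(("'nonce-", "'sha256-", "'sha384-", "'sha512-"))
                  for s in lowered)
    if "'unsafe-inline'" in lowered and not guarded:
        findings.append("'unsafe-inline' allows injected inline scripts")
    if "'unsafe-eval'" in lowered:
        findings.append("'unsafe-eval' allows script built from strings (eval, Function)")
    for src in lowered:
        if src in WIDE_OPEN:
            findings.append(f"{src} allows scripts from {WIDE_OPEN[src]}")
    return findings

# Constructed sample headers: a strict policy and a weak one.
STRICT_HEADER = "default-src 'self'; object-src 'none'"
WEAK_HEADER = "default-src 'self'; script-src 'self' 'unsafe-inline' https:"

if __name__ == "__main__":
    for name, hdr in (("strict", STRICT_HEADER), ("weak", WEAK_HEADER)):
        print(name, script_weaknesses(hdr) or ["no script weaknesses found"])
```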

If a CSP bypass in Salesforce is exploited by malicious users, it could lead to serious security breaches, including data theft, unauthorized access to user accounts, and tampering with CRM data. An exploited CSP weakness can undermine the trustworthiness of Salesforce's security assurances, leading to potential losses in customer confidence and financial penalties.
