Salesforce Patches Critical ForcedLeak Bug Exposing CRM Data via AI Prompt Injection - The Hacker News
Salesforce Agentforce was susceptible to a critical indirect prompt injection vulnerability, codenamed ForcedLeak (CVSS 9.4). This flaw allowed attackers to exfiltrate sensitive CRM data by manipulating Web-to-Lead forms, causing AI agents to transmit information to an attacker-controlled domain.
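A defender-side control for the exfiltration step described above, as an added example that is not from the report or from Salesforce: before agent output is rendered or followed, every URL in it is checked against an exact-match host allowlist. The hostnames, `ALLOWED_HOSTS`, the function names and the sample output are constructed assumptions.

```python
import re
from urllib.parse import urlsplit

# Assumed allowlist for this sketch; the hosts are constructed placeholders.
ALLOWED_HOSTS = {"crm.example.com", "cdn.example.com"}

# Matches http(s) URLs up to whitespace or a closing delimiter.
URL_RE = re.compile(r"https?://[^\s)\"'<>\]]+", re.IGNORECASE)


def host_allowed(url, allowed=ALLOWED_HOSTS):
    """Allow only https URLs whose parsed hostname exactly matches the allowlist."""
    try:
        parts = urlsplit(url)
        host = (parts.hostname or "").rstrip(".").lower()
        port = parts.port  # raises ValueError on a malformed port
    except ValueError:
        return False
    # Reject plain http and userinfo tricks such as https://trusted@other-host/
    if parts.scheme.lower() != "https" or parts.username is not None:
        return False
    if port not in (None, 443):
        return False
    # Exact match: a suffix or substring test would accept
    # crm.example.com.untrusted.test
    return host in allowed


def filter_agent_output(text, allowed=ALLOWED_HOSTS):
    """Replace non-allowlisted URLs in agent output; return (clean_text, blocked)."""
    blocked = []

    def _sub(match):
        url = match.group(0)
        if host_allowed(url, allowed):
            return url
        blocked.append(url)
        return "[blocked-url]"

    return URL_RE.sub(_sub, text), blocked


# Constructed agent output that mixes one trusted link with untrusted ones.
SAMPLE_OUTPUT = (
    "Lead summary ready. See https://crm.example.com/lead/42 "
    "and (https://untrusted.test/c?lead=42) "
    "or https://crm.example.com.untrusted.test/x "
    "or https://crm.example.com@untrusted.test/y"
)

if __name__ == "__main__":
    clean, blocked = filter_agent_output(SAMPLE_OUTPUT)
    print(clean)
    print(blocked)
```

The list of blocked URLs is worth logging: a lead record that makes the agent emit an off-allowlist URL is a signal that the record's free-text fields carried instructions.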