September 25, 2025 // Data Leak | #Indirect Prompt Injection #Agentforce #ForcedLeak

Salesforce AI Agents Forced to Leak Sensitive Data - Dark Reading | Security

Researchers discovered "ForcedLeak," a critical indirect prompt injection vulnerability (CVSS 9.4) in Salesforce's Agentforce AI platform. The flaw lets attackers embed malicious instructions in web forms, compelling the autonomous agent to exfiltrate sensitive CRM data, including PII and corporate secrets, to attacker-controlled domains.

