Cross-site scripting attacks are possibly the oldest trick in the hackers book and yet they still have the potential to cause havoc.
Cross-Site Scripting (XSS) vulnerability within a Salesforce subdomain now patched Researchers at cloud application security vendor Elastica have published details of a Cross-Site Scripting (XSS) vulnerability within a Salesforce subdomain providing the potential for attackers to use a trusted Salesforce application as a platform for end-user credential gathering attacks.