QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2026-34951

Back to search

CVE-2026-34951

Published: Apr 6, 2026

Modified: Apr 7, 2026

PUBLISHED

Description

Workbench is a suite of tools for administrators and developers to interact with Salesforce.com organizations via the Force.com APIs. Prior to 65.0.0, Workbench contains a reflected cross-site scripting vulnerability via the footerScripts parameter, which does not sanitize user-supplied input before rendering it in the page response. Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Workbench allows XSS Targeting Error Pages. This vulnerability is fixed in 65.0.0.

VendorProductVersions

forceworkbench

forceworkbench

affected
< 65.0.0

Weaknesses (CWE)

CWE-79

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now
CVE-2026-34951 - Security Vulnerability | QwikSec