Therealshakesbear

Name of the Vulnerable Software and Affected Versions Workbench versions prior to 65.0.0 Description Workbench, a suite of tools for interacting with Salesforce.com organizations via the Force.com APIs, contains a reflected cross-site scripting issue. The vulnerability occurs because the `footerScripts` parameter does not properly sanitize user-supplied input before it is included in the page response, leading to potential cross-site scripting (XSS) attacks. Recommendations Update Workbench to version 65.0.0 or later.

Name of the Vulnerable Software and Affected Versions Workbench versions prior to 65.0.0 Description Workbench, a suite of tools for interacting with Salesforce.com organizations via the Force.com APIs, contains a remote code execution issue in the timezone conversion flow. The issue arises from unsafe processing of attacker-controlled cookie values. This affects administrators and developers using Workbench. Recommendations Update Workbench to version 65.0.0 or later.