Vulnerabilities created by insecure code could lead to data leakage or corruption, and the burden is on Salesforce customers to mitigate.

Salesforce has revealed that an update to its marketing cloud suite may have led to some APIs retrieving or writing data “from one customer’s account to another”.