id: salesforce-aura-misconfig info: name: Detect the exposure of Salesforce Lightning aura API author: aaron_costello (@ConspiracyProof) severity: medium # Reference:- # https://www.enumerated.de/index/salesforce # Severity of this misconfiguration depends of disclosed information. requests: - method: POST path: - "{{BaseURL}}/aura" - "{{BaseURL}}/s/sfsites/aura" - "{{BaseURL}}/sfsites/aura" body: "{}" matchers: - type: word words: - 'aura:invalidSession' part: body