Skip to main content
TrustStatus

Trust just got personal! Get status and maintenance updates tailored specifically to your tenants, all on Salesforce My Trust Center.

Log In
Informational Message
Informational Message Details
ID# 20000244Ongoing
Security Advisory: Protecting Experience Cloud Sites from Guest User Misconfigurations
Salesforce is actively monitoring threat activity targeting public-facing Experience Cloud sites, including attempts to take advantage of overly permissive guest user configurations. At this time, we have not identified any vulnerability inherent to the Salesforce platform associated with this activity. These attempts are focused on customer configuration settings that, if not properly secured, may increase exposure. We encourage customers to review their Experience Cloud guest user settings and take immediate recommended actions. For additional details and steps to help protect your org, please see our blog: https://www.salesforce.com/blog/protecting-your-data-essential-actions-to-secure-experience-cloud-guest-user-access/ ***** Update 1: Posted Thu, 12 Mar 2026 20:20:56 UTC Salesforce is actively monitoring threat activity targeting public-facing Experience Cloud sites, including attempts to take advantage of overly permissive guest user configurations. We have identified additional guidance for customers to help protect their orgs. Please see our updated blog for recommended actions: https://www.salesforce.com/blog/protecting-your-data-essential-actions-to-secure-experience-cloud-guest-user-access/ At this time, we have not identified any vulnerability inherent to the Salesforce platform associated with this activity.
Posted 8:06 am JST, Mar 08 2026 · Last updated 8:07 am JST, Mar 08 2026