It’s certainly possible that there’s a valid oversight here, but Salesforce has a rather talented security team, and the company truly lives by “Trust is our #1 value”^1
I can’t speak for the implementation, but my guess is that it’s been very thoroughly vetted by both internal security and external pen tests. They wouldn’t market a high-profile security feature without that.
(1: I am an ex-Heroku / Salesforce employee)