On OWASP.org - testing and reporting all of the salesforce integrations with webforms, and webform
data on the website.
Get a complete list of all of the forms in use which we can pull from the chapter (leaders)
handbook, and the current site.
test each one and file bug reports for them. In particular, each form should be able to do the
Receive the post data accurately
Return to the user's browser the confirmation that it was received on the screen when submitted
along with an issue number.
Issu8 a receipt to the user via email with complete data submitted by the form. If there is credit
card info or personal info, it should be only partial but enough to verify that it was included in
There should be a timeline or some kind of data that the user receives in the email to expect a
resolution of their issue, and the forms should be logged in a place where the user can access the
log data through their account, as well as tracked on the resolution and progress of the issue's
OWASP Grand Prize $100