Block Execution of JavaScript in the HYPERLINK Function To Be Enforced

Status – Tested

Salesforce Update Description

Blocking execution of JavaScript in the HYPERLINK function was a critical update in Summer ’17 and will be activated automatically for all orgs on October 30, 2017. This change was phased in over several releases. It addresses a security vulnerability that arises when you use JavaScript in the URL argument of a HYPERLINK function. The JavaScript can include cross-site scripting and make the URL execute on behalf of users.