Security of Email Approval Response

Has anyone vetted the security of email approval responses? 


Our security team is concerned that a user could get an approval request email and change the opportunity data in the email header in order to inappropriately approve another opportunity that they shouldn't have access to.


I think that Salesforce doesn't allow that; they maintain session IDs and some other token to check the validity of the operation. That is what Salesforce's "Safe Harbour Statement" and other security documents say.

The best way to find out is to try. Have you tried vetting the email URL? My belief is that they have a mechanism to prevent it.

Still, you can try and keep us posted on that.