Merci de votre visite. Cette page est disponible en anglais uniquement.

Code Injection

A code injection attack happens when an attacker changes the value of an input or a parameter in a way that causes unexpected behavior in a website (such as a Login with Amazon client). A code injection attack is possible when a website does not validate incoming data before acting on it.

Login with Amazon client websites should validate data coming from the authorization service , especially the state parameter, before acting on it. Login with Amazon clients should also validate customer profile data if they use it programmatically.