Ti ringraziamo per la visita. Questa pagina è per il momento disponibile solo in inglese.


Pages at a Glance

Cross-site Request Forgery
Cross-site Request Forgery happens when an attacker tricks a user into clicking on a malicious link, where the link goes to a site where the user is currently authenticated. Any commands embedded i... more »
Impersonating a Resource Owner in Implicit Flow
Websites using the Implicit Grant receive an access token from the Login with Amazon authorization service passively through a redirect URL. If an attacker can entice a user into logging in to a ma... more »
Open Redirectors
An open redirector is an endpoint configured to redirect a user-agent based on the value of a parameter, without any kind of validation. Open redirectors can be exploited in Login with Amazon by at... more »
Code Injection
A code injection attack happens when an attacker changes the value of an input or a parameter in a way that causes unexpected behavior in a website (such as a Login with Amazon client). A code inje... more »