感谢您的访问。此页面目前仅提供英语版本。我们正在开发中文版本。谢谢您的理解。

Code Injection

A code injection attack happens when an attacker changes the value of an input or a parameter in a way that causes unexpected behavior in a website (such as a Login with Amazon client). A code injection attack is possible when a website does not validate incoming data before acting on it.

Login with Amazon client websites should validate data coming from the authorization service , especially the state parameter, before acting on it. Login with Amazon clients should also validate customer profile data if they use it programmatically.