By Ravie Lakshmanan
Amazon, in December 2021, patched a high severity vulnerability affecting itsΒ Photos appΒ for Android that could have been exploited to steal a user's access tokens.
"The Amazon access token is used to authenticate the user across multiple Amazon APIs, some of which contain personal data such as full name, email, and address," Checkmarx researchers JoΓ£o Morais and Pedro UmbelinoΒ said. "Others,