Amazon Quietly Patches 'High Severity' Vulnerability in Android Photos App


A high severity vulnerability in Amazon’s Photos app for Android that could have been used to steal a user’s access tokens was addressed in December 2021.

One of the app’s components, “,” which is described in the AndroidManifest.xml file and which, when launched, begins an HTTP request with a header containing the access token, is misconfigured, which leads to the leak. Read More…