Loading...

The FlowFixation account-takeover vulnerability, now fixed by AWS, results from a combination of session fixation on the web management panel of the AWS MWAA together with an Amazon AWS domain misconfiguration that leads to cross-site scripting.

Leave a Comment