Amazon, in December 2021, patched a high severity vulnerability affecting itsPhotos appfor Android that could have been exploited to steal a user’s access tokens. “The Amazon access token is used to authenticate the user across multiple Amazon APIs, some of which contain personal data such as full name, email, and address,” Checkmarx researchers Joo Morais and Pedro Umbelinosaid. “Others,