67 matches found
Malicious code in amplify-codegen-e2e-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 78ef98fa45356b629d8b18e241e11d0b1aaa3f8b0bd38d3a357fc6707c297ea7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-978 Malicious code in amplify-codegen-e2e-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 78ef98fa45356b629d8b18e241e11d0b1aaa3f8b0bd38d3a357fc6707c297ea7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
amplify-now.com Cross Site Scripting vulnerability OBB-2360423
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Connect, Share, and Learn at Imperva Amplify 2021
On the heels of high-profile breaches, attacks e.g., Sunburst, Raindrop and COVID-19, rapid digital transformation places even more pressure on security. We’re seizing the opportunity to launch our first virtual user conference -- Imperva Amplify -- to share our knowledge so together, we can bett...
47pages-keystone (>=0.0.1 <=0.0.5), @amplify-app/create (>=0.1.0 <=0.1.4) +2358 more potentially affected by CVE-2020-13110 via kerberos (>=0.0.11 <=0.0.9)
kerberos NPM version =0.0.11, =0.0.1, =0.1.0, =1.8.5-alpha.46, =1.0.3, =1.0.2, =0.12.0, =0.2.0, =1.0.0, =0.0.5, =0.1.2-beta.1, =0.1.2-beta.7 and more Source cves: CVE-2020-13110 Source advisory: OSV:GHSA-M2MX-RFPW-JGHV...
amplify-now.com Cross Site Scripting vulnerability OBB-1211390
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
X (Formerly Twitter): Multiple DOMXSS on Amplify Web Player
Hi, I would like to report multiple DOMXSS issues on https://amp.twimg.com/amplify-web-player/prod/source.html. Details: Please use latest IE to open all the PoCs because of CSP 1. $.get sink javascript define"data/playlist/withjsonloader", "require", "flight/lib/compose",...