When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.
These two bring up the doors for a cross-site scripting (XSS) attack.
The misconfiguration also affects Azure andGoogleCloud, they added.
After discovering the flaw, Tenable notified Amazon, which subsequently issued a patch.
Both AWS and Azure added the misconfigured domains to PSL (Public Suffix List).
For Google, the issue isnt dangerous enough to warrant a patch, The Hacker News reported.
The full technical analysis of the vulnerability can be found on Tenables bloghere.
