Dashboard Vulnerabilities News Research Archive Stats Dataset For devs

aisecwatch.com

Real-time AI security monitoring. Tracking AI-related vulnerabilities, safety and security incidents, privacy risks, research developments, and policy changes.

Navigation

Vulnerabilities News Research Digest Archive Newsletter Archive Subscribe Data Sources Statistics Dataset API Integrations Widget RSS Feed

Maintained by

Truong (Jack) Luu

Information Systems Researcher

Blast from the past: Cross Site Scripting on the AWS Console | AI Sec Watch

Blast from the past: Cross Site Scripting on the AWS Console

infonews

security

Source: Embrace The RedJuly 1, 2020

Summary

A researcher discovered a persistent XSS (cross-site scripting, where an attacker injects malicious code into a web page that runs in other users' browsers) vulnerability in the AWS Console several years ago. The post documents how they found the bug, the techniques they used, and Amazon's response to the discovery.

Classification

Attack SophisticationModerate

Impact (CIA+S)

confidentialityintegrity

Affected Vendors

Amazon

Related Issues

Secure AI agent access patterns to AWS resources using Model Context Protocol

Same vendorAWS Security Blog

The AWS AI Security Framework: Securing AI with the right controls, at the right layers, at the right phases

Same vendorAWS Security Blog

Monthly digest — independent AI security research

Original source: https://embracethered.com/blog/posts/2020/aws-xss-cross-site-scripting-vulnerability/

First tracked: February 12, 2026 at 02:20 PM

Classified by LLM (prompt v3) · confidence: 60%

Tech Giants Invest $12.5 Million in Open Source Security

Same vendorSecurityWeek

OpenAI touts Amazon alliance in memo, says Microsoft has 'limited our ability' to reach clients

Same vendorCNBC Technology

CVE-2026-42339: New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system. In versions 0.1

Same vendorNVD/CVE Database