Amazon Cognito Misconfiguration

Title	Vulnerabilities	Programs	Authors
How I was able to takeover any account (Zero-click ATO)	Account Takeover Amazon Cognito Misconfiguration	Undisclosed	Mohammed Al-Barbari (@M4dm0e)
Privilege Escalations through Integrations	Privilege Escalation Amazon Cognito Misconfiguration JWT Account Takeover	Undisclosed	Colin McQueen
Multiple Critical Vulnerabilities In Strapi Versions <=4.7.1	Authentication Bypass SSTI RCE Amazon Cognito Misconfiguration Information Disclosure	Strapi	GhostCcamm (@GhostCcamm)
AWS Cognito pitfalls: Default settings attackers love (and you should know about)	Amazon Cognito Misconfiguration	Undisclosed	Lorenzo Vogelsang (@Ptrac3)
Account Take Over Due To AWS Cognito Misconfiguration	Amazon Cognito Misconfiguration Account Takeover	Undisclosed	Deshine
Account Takeover Due to Cognito Misconfiguration Earns Me €xxxx	Amazon Cognito Misconfiguration Account Takeover	Undisclosed	Mukund Bhuva (@MukundBhuva)
Hunting for Amazon Cognito Security misconfigurations	Amazon Cognito Misconfiguration	Undisclosed	Yassine Aboukir (@Yassineaboukir)
I Obtained ADMIN access via the Account Activation link [In 30 seconds]	Privilege Escalation Amazon Cognito Misconfiguration	Undisclosed	Popalltheshells

Page 1 of 1