This is to bring your attention to one of the vulnerability I have found in amazon prime video.
The vulnerability is related to cookie hijacking. To simulate this I have logged in www.primevideo.com and somehow exported the cookie of the same using available tools. And then I gave it to my friend and surprisingly when he exported that in his browser with the help of some tools, he was able to logged in my account and able to do all the stuffs that a originating logged in user is able to. I was shocked seeing that.
More Interesting thing is even I logged out from my account and closed my browser, but still my friend was able to login to account using that same old cookie.
I am not sure if someone has already reported about this, but I thought to report about this vulnerability to the development department of your organization. Please treat this as ethical as I do not have any intention to use it for wrong purpose.
Please let me know if you want me to demonstrate this to you guys.