
Commit

Update exploit_amplify_vulnerability_in_same_account_scenario.md
Added some clarifying language
Frichetten authored Aug 9, 2024
1 parent 832ff38 commit 54ec3d2
Showing 1 changed file with 1 addition and 1 deletion.
Expand Up @@ -31,7 +31,7 @@ In response to this, AWS made a number of changes to IAM and the [AWS Security T
* Made changes to the IAM control plane to prevent anyone from creating role trust policies vulnerable to this misconfiguration. If you try to set a vulnerable policy today it will be rejected.
* Made changes to the STS service to **block cross-account role assumption of roles that have a vulnerable trust relationship with the Amazon Cognito service**.

This final fix is interestingly specific. AWS only made changes to block **cross-account** role assumption, not **same-account** role assumption. As a result of this, we can still potentially take advantage of roles that were made vulnerable by the Amplify service. This requires an identity pool to be configured in the account with the [basic (classic) authflow](https://docs.aws.amazon.com/cognito/latest/developerguide/authentication-flow.html) enabled.
This final fix is interestingly specific. AWS only made changes to block **cross-account** role assumption, not **same-account** role assumption. As a result of this, we can still potentially take advantage of roles that were made vulnerable by the Amplify service. This requires an identity pool to be configured in the victim account with the [basic (classic) authflow](https://docs.aws.amazon.com/cognito/latest/developerguide/authentication-flow.html) enabled.

!!! Warning
**To be clear, this method is more difficult and requires the existence of at least one additional misconfigured resource**, however it is worthwhile to know about if you are a Penetration Tester or Red Teamer, or you simply use Amplify in your own organization.
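
Review bot: In the changed sentence, "the victim account" still leaves it unclear which account that is relative to the vulnerable role. The preceding sentences turn on **same-account** versus **cross-account** role assumption, so consider wording such as "in the same account as the vulnerable role" to make the requirement explicit. If this identity pool is the "additional misconfigured resource" that the warning below refers to, saying so here would tie the two statements together.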