News and Notes from the Makers of Nexus | Sonatype Blog

Critical security vulnerability at Amazon fixed

Written by Ali Loney | January 18, 2013

The H – (International) Critical security vulnerability at Amazon fixed. The Amazon website has fixed a cross-site scripting (XSS) vulnerability which could have been used to inject malicious JavaScript code which allows third-party access to various elements of a user's account, including the shopping cart, history, name, and email address associated with the account.