News and Notes from the Makers of Nexus | Sonatype Blog

Critical Security Vulnerability At Amazon Fixed

Written by Ali Loney | January 18, 2013

The H – (International) Critical security vulnerability at Amazon fixed. The Amazon Web site has fixed a cross-site scripting vulnerability which could have been used to inject malicious JavaScript code which allows 3rd-party access to various elements of a user’s account, including the shopping cart, history, name, and email address associated with the account.

Source: http://www.h-online.com/security/news/item/Critical-security-vulnerability-at-Amazon-fixed-1787328.html