53N4Do

**Name of the Vulnerable Software and Affected Versions** Amazon AWS aws-js-s3-explorer (aka AWS JavaScript S3 Explorer) version 1.0.0 **Description** The issue allows for XSS via a crafted S3 bucket name to index.html. This can be exploited when a user interacts with a maliciously named S3 bucket, potentially leading to the execution of unauthorized code. **Recommendations** For Amazon AWS aws-js-s3-explorer (aka AWS JavaScript S3 Explorer) version 1.0.0, as a temporary workaround, consider validating and sanitizing S3 bucket names to prevent malicious input. At the moment, there is no information about a newer version that contains a fix for this vulnerability.