Security Advisory

CVE-2025-4318

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-05-05 18:16:34

Last updated 2026-01-28 19:27:08

Assigner AMZN

State PUBLISHED

Description

The AWS Amplify Studio UI component property expressions in the aws-amplify/amplify-codegen-ui package lack input validation. This could potentially allow an authenticated user who has access to create or modify components to run arbitrary JavaScript code during the component rendering and build process.

← Browse all CVEs View on cve.org ↗