Amazons Kindle Library is, at the time of writing, vulnerable to Stored Cross-Site Scripting (XSS) attacks. Malicious code can be injected via e-book metadata. Amazon account cookies can be accessed by and transferred to the attacker and the victim’s Amazon account can be compromised. Users most likely to fall victim to this vulnerability are those who obtain e-books from untrustworthy sources and then use Amazon’s “Send to Kindle” service to have them delivered to their Kindle.”]
Source: https://b.fl7.de/2014/09/amazon-stored-xss-book-metadata.html