Cross-Site Scripting Flaw in Apache CouchDB Web Administration Interface
CVE-2010-3854

Currently unrated

Key Information:

Vendor

Apache
Status
Couchdb
Vendor
CVE Published:
2 February 2011

What is CVE-2010-3854?

Multiple cross-site scripting vulnerabilities exist in the web administration interface (Futon) of Apache CouchDB versions ranging from 0.8.0 to 1.0.1. These flaws allow remote attackers to execute arbitrary web scripts or HTML by exploiting unspecified vectors. By leveraging these vulnerabilities, attackers can manipulate user sessions and potentially access sensitive information, thereby compromising the integrity of affected CouchDB installations.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/65050
vdb-entryx_refsource_XF
http://mail-archives.apache.org/mod_mbox/couchdb-dev/2011...
mailing-listx_refsource_MLIST
http://osvdb.org/70734
vdb-entryx_refsource_OSVDB

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.