CVE-2010-3854

Currently unrated

Key Information:

Vendor: Apache
Status: Couchdb
Vendor: CVE Published:; 2 February 2011

Summary

Multiple cross-site scripting (XSS) vulnerabilities in the web administration interface (aka Futon) in Apache CouchDB 0.8.0 through 1.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/65050

vdb-entryx_refsource_XF

http://mail-archives.apache.org/mod_mbox/couchdb-dev/2011...

mailing-listx_refsource_MLIST

http://osvdb.org/70734

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability published
Feb 2, 2011
Vulnerability Reserved
Oct 8, 2010