Cross-Site Scripting Vulnerability in Apache CouchDB's Futon UI
CVE-2012-5650

Currently unrated

Key Information:

Vendor: Apache
Status: Couchdb
Vendor: CVE Published:; 18 March 2014

What is CVE-2012-5650?

A cross-site scripting vulnerability exists in the Futon UI of Apache CouchDB, prior to versions 1.0.4, 1.1.2, and 1.2.1. The flaw enables remote attackers to inject arbitrary web scripts or HTML into the application through unspecified parameters that are not properly sanitized. Successful exploitation could lead to unauthorized access to sensitive information or to execute malicious scripts in the context of an authenticated user's session.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://mail-archives.apache.org/mod_mbox/couchdb-user/201...

mailing-listx_refsource_MLIST

http://archives.neohapsis.com/archives/bugtraq/2013-01/00...

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Mar 18, 2014
Vulnerability Reserved
Oct 24, 2012

JSON

Apache

What is CVE-2012-5650?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.