CVE-2012-5650

Currently unrated

Key Information:

Vendor: Apache
Status: Couchdb
Vendor: CVE Published:; 18 March 2014

Summary

Cross-site scripting (XSS) vulnerability in the Futon UI in Apache CouchDB before 1.0.4, 1.1.x before 1.1.2, and 1.2.x before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to the browser-based test suite.

References

http://mail-archives.apache.org/mod_mbox/couchdb-user/201...

mailing-listx_refsource_MLIST

http://archives.neohapsis.com/archives/bugtraq/2013-01/00...

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Mar 18, 2014
Vulnerability Reserved
Oct 24, 2012