Arbitrary Web Script Injection in Apache CouchDB Futon UI

Arbitrary Web Script Injection in Apache CouchDB Futon UI

CVE-2012-5650 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in the Futon UI in Apache CouchDB before 1.0.4, 1.1.x before 1.1.2, and 1.2.x before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to the browser-based test suite.

Learn more about our Cis Benchmark Audit For Apache Http Server.