CVE-2012-5650

Apache CouchDB <1.0.4, <1.1.2, <1.2.1 - XSS

Title source: llm
STIX 2.1

Description

Cross-site scripting (XSS) vulnerability in the Futon UI in Apache CouchDB before 1.0.4, 1.1.x before 1.1.2, and 1.2.x before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters to the browser-based test suite.

References (2)

Core 2

Scores

EPSS 0.0384
EPSS Percentile 88.9%

Details

CWE
CWE-79
Status published
Products (7)
apache/couchdb 1.0.0
apache/couchdb 1.0.1
apache/couchdb 1.0.2
apache/couchdb 1.1.0
apache/couchdb 1.1.1
apache/couchdb 1.2.0
apache/couchdb < 1.0.3
Published Mar 18, 2014
Tracked Since Feb 18, 2026