BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
CVE-2012-5650 Apache CouchDB DOM based Cross-Site Scripting via Futon UI Jan 14 2013 10:05AM
Jan Lehnardt (jan apache org)
CVE-2012-5650

DOM based Cross-Site Scripting via Futon UI

Affected Versions:
Apache CouchDB releases up to and including 1.0.3, 1.1.1, and 1.2.0
are vulnerable.

Description:
Query parameters passed into the browser-based test suite are not sanitised,
and can be used to load external resources. ...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus