CVE-2010-3854

CWE-79 ā€” Cross-site Scripting (XSS)6 documents4 sources
Severity
4.3MEDIUM
EPSS
2.5%
top 14.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apache Couchdb
Timeline
PublishedFeb 2
Latest updateMay 14

Description

Multiple cross-site scripting (XSS) vulnerabilities in the web administration interface (aka Futon) in Apache CouchDB 0.8.0 through 1.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

ā–¶NVDapache/couchdb13 versions+12

šŸ”“Vulnerability Details

2
GHSA
GHSA-wh9m-hj6v-4mg6: Multiple cross-site scripting (XSS) vulnerabilities in the web administration interface (aka Futon) in Apache CouchDB 0ā†—2022-05-14
ā–¶
CVEList
CVE-2010-3854: Multiple cross-site scripting (XSS) vulnerabilities in the web administration interface (aka Futon) in Apache CouchDB 0ā†—2011-02-02
ā–¶

šŸ’¬Community

3
Bugzilla
CVE-2010-3854 couchdb: XSS vulnerabilityā†—2011-01-31
ā–¶
Bugzilla
CVE-2010-3854 couchdb: XSS vulnerability [fedora-all]ā†—2011-01-31
ā–¶
Bugzilla
CVE-2010-3854 couchdb: XSS vulnerability [epel-all]ā†—2011-01-31
ā–¶
CVE-2010-3854 (MEDIUM CVSS 4.3) | Multiple cross-site scripting (XSS) | cvebase.io