2.6. CVE-2012-5650: DOM based Cross-Site Scripting via Futon UI

Upgrade to a supported CouchDB release that includes this fix, such as:

• 1.0.4
• 1.2.1

Disable the Futon user interface completely, by adapting local.ini and restarting CouchDB:

• share/www/verify_install.html
• share/www/couch_tests.html
• share/www/custom_test.html

This vulnerability was discovered & reported to the Apache Software Foundation by .