The host is installed with Apache CouchDB through 0.11.0 and is prone to a cross-site request forgery (CSRF) vulnerability. A flaw is present in the application, which fails to handle a issue in unspecified vector. Successful exploitation could allow remote attackers to hijack the authentication of administrators for direct requests to an installation URL.