Vulnerabilities > Couchbase > Couchbase Server
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-10 | CVE-2019-11464 | Cross-site Scripting vulnerability in Couchbase Server 5.1.2/5.5.0 Some enterprises require that REST API endpoints include security-related headers in REST responses. | 4.3 |
| 2018-08-24 | CVE-2018-15728 | Code Injection vulnerability in Couchbase Server Couchbase Server exposed the '/diag/eval' endpoint which by default is available on TCP/8091 and/or TCP/18091. | 9.0 |