ALT-PU-2017-2369-1

Package update qbittorrent in branch p8

Version3.3.16-alt0.M80P.1

Published2017-10-04

Max severityMEDIUM

Severity:

Closed issues (2)

MEDIUM6.1

WebUI in qBittorrent before 3.3.11 did not escape many values, which could potentially lead to XSS.

Published: 2017-03-06Modified: 2025-04-20

CVSS 2.0MEDIUM 4.3

CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS 3.xMEDIUM 6.1

CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

References

MEDIUM6.1

WebUI in qBittorrent before 3.3.11 did not set the X-Frame-Options header, which could potentially lead to clickjacking.

Published: 2017-03-06Modified: 2025-04-20

CVSS 2.0MEDIUM 4.3

CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N

CVSS 3.xMEDIUM 6.1

CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

References