CVE-2017-6503

Source
https://nvd.nist.gov/vuln/detail/CVE-2017-6503
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-6503.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2017-6503
Downstream
Published
2017-03-06T02:59:00Z
Modified
2025-09-19T09:05:19.228325Z
Severity
  • 6.1 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

WebUI in qBittorrent before 3.3.11 did not escape many values, which could potentially lead to XSS.

References

Affected packages

Git / github.com/qbittorrent/qbittorrent

Affected ranges

Type
GIT
Repo
https://github.com/qbittorrent/qbittorrent
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

release-2.*

release-2.9.0

release-3.*

release-3.0.0

Database specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "48618559910933315555550741766578909898",
                    "94898622498664913251430441506174751952",
                    "44797966479474966525961246575245035638",
                    "185880968211157888779939959372448423929",
                    "189258922099877177576852192982082302879",
                    "338895098852573818719662445618442206720"
                ]
            },
            "id": "CVE-2017-6503-35faa0dd",
            "source": "https://github.com/qbittorrent/qbittorrent/commit/6ca3e4f094da0a0017cb2d483ec1db6176bb0b16",
            "signature_type": "Line",
            "signature_version": "v1",
            "target": {
                "file": "src/gui/properties/propertieswidget.cpp"
            },
            "deprecated": false
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "233509018470064228684480277402438007569",
                    "151908066262400473475164498328073111074",
                    "329480381762994020184551686961880477196",
                    "20852449753772302925817548026169583900",
                    "164246782185912083661161636700000005324",
                    "271242193035481665560631187940250235744",
                    "116482884772017208197721294700350050815",
                    "177343659139233130544608066437550441382",
                    "6601692464133387446339649614947449168",
                    "275479931589891395744160830164021905320"
                ]
            },
            "id": "CVE-2017-6503-3899d4a5",
            "source": "https://github.com/qbittorrent/qbittorrent/commit/6ca3e4f094da0a0017cb2d483ec1db6176bb0b16",
            "signature_type": "Line",
            "signature_version": "v1",
            "target": {
                "file": "src/base/logger.cpp"
            },
            "deprecated": false
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "291188985003732846589226656869466976303",
                    "262175729038848040008897503785860692314",
                    "27505096191420964322354555897610999152",
                    "326504563255106739596459208376493163543",
                    "7268769816573936996848287650462271144",
                    "53719890752976671106449660320672056445",
                    "173633353691720488412276884106506626167",
                    "75648770658042306568940301710549399611",
                    "147463194285757156949629400039930711014"
                ]
            },
            "id": "CVE-2017-6503-46295d3a",
            "source": "https://github.com/qbittorrent/qbittorrent/commit/6ca3e4f094da0a0017cb2d483ec1db6176bb0b16",
            "signature_type": "Line",
            "signature_version": "v1",
            "target": {
                "file": "src/gui/deletionconfirmationdlg.h"
            },
            "deprecated": false
        },
        {
            "digest": {
                "function_hash": "92775857306700432190514671989575937620",
                "length": 320.0
            },
            "id": "CVE-2017-6503-8ab3d750",
            "source": "https://github.com/qbittorrent/qbittorrent/commit/6ca3e4f094da0a0017cb2d483ec1db6176bb0b16",
            "signature_type": "Function",
            "signature_version": "v1",
            "target": {
                "file": "src/base/logger.cpp",
                "function": "Logger::addMessage"
            },
            "deprecated": false
        },
        {
            "digest": {
                "function_hash": "114865918741609473804531006061921442790",
                "length": 331.0
            },
            "id": "CVE-2017-6503-ae85b39a",
            "source": "https://github.com/qbittorrent/qbittorrent/commit/6ca3e4f094da0a0017cb2d483ec1db6176bb0b16",
            "signature_type": "Function",
            "signature_version": "v1",
            "target": {
                "file": "src/base/logger.cpp",
                "function": "Logger::addPeer"
            },
            "deprecated": false
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "12876673985119035764107724111325859294",
                    "30213864603390198813579797111603333697",
                    "115431095429169769413068563272854879796"
                ]
            },
            "id": "CVE-2017-6503-bf47a9bd",
            "source": "https://github.com/qbittorrent/qbittorrent/commit/6ca3e4f094da0a0017cb2d483ec1db6176bb0b16",
            "signature_type": "Line",
            "signature_version": "v1",
            "target": {
                "file": "src/base/utils/string.h"
            },
            "deprecated": false
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "150382242333414115021801530059710814284",
                    "11803751291287832047309035772968133212",
                    "288313758785127689150132838477547543440",
                    "76632614504937806188288078716716235187",
                    "317603350759272619625809304940772004733",
                    "11803751291287832047309035772968133212",
                    "288313758785127689150132838477547543440",
                    "76632614504937806188288078716716235187"
                ]
            },
            "id": "CVE-2017-6503-d8c75026",
            "source": "https://github.com/qbittorrent/qbittorrent/commit/6ca3e4f094da0a0017cb2d483ec1db6176bb0b16",
            "signature_type": "Line",
            "signature_version": "v1",
            "target": {
                "file": "src/gui/properties/peerlistwidget.cpp"
            },
            "deprecated": false
        }
    ]
}