CVE-2017-6503

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2017-6503

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-6503.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2017-6503

Downstream

DEBIAN-CVE-2017-6503

DLA-897-1

UBUNTU-CVE-2017-6503

Published

2017-03-06T02:59:00Z

Modified

2025-10-15T09:04:00.386108Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

WebUI in qBittorrent before 3.3.11 did not escape many values, which could potentially lead to XSS.

References

Affected packages

Git / github.com/qbittorrent/qbittorrent

Affected ranges

Type: GIT
Repo: https://github.com/qbittorrent/qbittorrent
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

6ca3e4f094da0a0017cb2d483ec1db6176bb0b16

Affected versions

release-2.*

release-2.9.0

release-3.*

release-3.0.0

Database specific

vanir_signatures

[
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "48618559910933315555550741766578909898",
                "94898622498664913251430441506174751952",
                "44797966479474966525961246575245035638",
                "185880968211157888779939959372448423929",
                "189258922099877177576852192982082302879",
                "338895098852573818719662445618442206720"
            ]
        },
        "target": {
            "file": "src/gui/properties/propertieswidget.cpp"
        },
        "signature_type": "Line",
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://github.com/qbittorrent/qbittorrent/commit/6ca3e4f094da0a0017cb2d483ec1db6176bb0b16",
        "id": "CVE-2017-6503-35faa0dd"
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "233509018470064228684480277402438007569",
                "151908066262400473475164498328073111074",
                "329480381762994020184551686961880477196",
                "20852449753772302925817548026169583900",
                "164246782185912083661161636700000005324",
                "271242193035481665560631187940250235744",
                "116482884772017208197721294700350050815",
                "177343659139233130544608066437550441382",
                "6601692464133387446339649614947449168",
                "275479931589891395744160830164021905320"
            ]
        },
        "target": {
            "file": "src/base/logger.cpp"
        },
        "signature_type": "Line",
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://github.com/qbittorrent/qbittorrent/commit/6ca3e4f094da0a0017cb2d483ec1db6176bb0b16",
        "id": "CVE-2017-6503-3899d4a5"
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "291188985003732846589226656869466976303",
                "262175729038848040008897503785860692314",
                "27505096191420964322354555897610999152",
                "326504563255106739596459208376493163543",
                "7268769816573936996848287650462271144",
                "53719890752976671106449660320672056445",
                "173633353691720488412276884106506626167",
                "75648770658042306568940301710549399611",
                "147463194285757156949629400039930711014"
            ]
        },
        "target": {
            "file": "src/gui/deletionconfirmationdlg.h"
        },
        "signature_type": "Line",
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://github.com/qbittorrent/qbittorrent/commit/6ca3e4f094da0a0017cb2d483ec1db6176bb0b16",
        "id": "CVE-2017-6503-46295d3a"
    },
    {
        "digest": {
            "length": 320.0,
            "function_hash": "92775857306700432190514671989575937620"
        },
        "target": {
            "function": "Logger::addMessage",
            "file": "src/base/logger.cpp"
        },
        "signature_type": "Function",
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://github.com/qbittorrent/qbittorrent/commit/6ca3e4f094da0a0017cb2d483ec1db6176bb0b16",
        "id": "CVE-2017-6503-8ab3d750"
    },
    {
        "digest": {
            "length": 331.0,
            "function_hash": "114865918741609473804531006061921442790"
        },
        "target": {
            "function": "Logger::addPeer",
            "file": "src/base/logger.cpp"
        },
        "signature_type": "Function",
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://github.com/qbittorrent/qbittorrent/commit/6ca3e4f094da0a0017cb2d483ec1db6176bb0b16",
        "id": "CVE-2017-6503-ae85b39a"
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "12876673985119035764107724111325859294",
                "30213864603390198813579797111603333697",
                "115431095429169769413068563272854879796"
            ]
        },
        "target": {
            "file": "src/base/utils/string.h"
        },
        "signature_type": "Line",
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://github.com/qbittorrent/qbittorrent/commit/6ca3e4f094da0a0017cb2d483ec1db6176bb0b16",
        "id": "CVE-2017-6503-bf47a9bd"
    },
    {
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "150382242333414115021801530059710814284",
                "11803751291287832047309035772968133212",
                "288313758785127689150132838477547543440",
                "76632614504937806188288078716716235187",
                "317603350759272619625809304940772004733",
                "11803751291287832047309035772968133212",
                "288313758785127689150132838477547543440",
                "76632614504937806188288078716716235187"
            ]
        },
        "target": {
            "file": "src/gui/properties/peerlistwidget.cpp"
        },
        "signature_type": "Line",
        "deprecated": false,
        "signature_version": "v1",
        "source": "https://github.com/qbittorrent/qbittorrent/commit/6ca3e4f094da0a0017cb2d483ec1db6176bb0b16",
        "id": "CVE-2017-6503-d8c75026"
    }
]