3 matches found
CVE-2026-30924
qui is a web interface for managing qBittorrent instances. Versions 1.14.1 and below use a permissive CORS policy that reflects arbitrary origins while also returning Access-Control-Allow-Credentials: true, effectively allowing any external webpage to make authenticated requests on behalf of a...
DEBIAN-CVE-2017-6503
WebUI in qBittorrent before 3.3.11 did not escape many values, which could potentially lead to XSS...
UBUNTU-CVE-2017-6503
WebUI in qBittorrent before 3.3.11 did not escape many values, which could potentially lead to XSS...