4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.002 Low
EPSS
Percentile
62.1%
The XMLHttpRequest object in Qt before 4.8.4 enables http redirection to
the file scheme, which allows man-in-the-middle attackers to force the read
of arbitrary local files and possibly obtain sensitive information via a
file: URL to a QML application.