XML String Encoding Issue in Qt Framework
CVE-2025-30348
5.3MEDIUM
What is CVE-2025-30348?
The Qt Framework, prior to version 6.8.0, is susceptible to an XML string encoding issue stemming from the 'encodeText' method in QDom. The flaw involves a complex algorithm that mismanages XML string copying and incorporates inline replacements within the string, leading to potential data breaches. This could allow attackers to manipulate XML data in a way that disrupts application functionality or compromises user information.
Affected Version(s)
Qt 0 < 5.15.19
Qt 6.0.0 < 6.5.9
Qt 6.6.0 < 6.8.0
