Ubuntu Security Notice 1584-1 - Justin C. Klein Keane discovered that the Transmission web client incorrectly escaped certain strings. If a user were tricked into opening a specially crafted torrent file, an attacker could possibly exploit this to conduct cross-site scripting (XSS) attacks.
90c1296444a62f587424bcba2909638250158165238badb300354cdfd0d08518