Transmission 2.61 fixes an XSS flaw when processing maliciously crafted .torrent files. It is reported to affect version 2.50 as well (currently in Fedora 17 testing), but does not seem to work with 2.42 as tested in Fedora 16. Recommend upgrading to 2.61 in Fedora 17 and Rawhide.
Created transmission tracking bugs for this issue Affects: fedora-17 [bug 843581]
Forgot to note the report on full-disclosure: http://seclists.org/fulldisclosure/2012/Jul/348