Severity by source
AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Network-deliverable via sync with only workspace write access (PR:L), auto-fires without interaction (UI:N), and the renderer XSS escapes to host RCE (S:C) with full C/I/A loss.
Primary rating from Vendor (GitHub_M).
CVSS VectorVendor: GitHub_M
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, CSS snippet body containing </style> breaks out of its surrounding <style> tag when renderSnippet() interpolates it via insertAdjacentHTML. A payload like runs arbitrary JavaScript in the renderer. On Electron desktop builds the renderer runs with nodeIntegration:true, so require('child_process') is reachable from the injected handler and the XSS chains to host RCE. Snippets sync via the workspace repository, so an attacker with write access to any synced workspace plants the payload once and it fires on every device that pulls. The bug also bypasses the user's enabledCSS / enabledJS separation. A user who turned enabledJS off was making a deliberate call not to run untrusted JavaScript; the CSS path runs it anyway. This vulnerability is fixed in 3.7.0.
AnalysisAI
Stored cross-site scripting in SiYuan personal knowledge management before 3.7.0 lets an attacker with write access to a synced workspace plant a CSS snippet whose '</style>' sequence breaks out of the surrounding <style> tag when renderSnippet() interpolates it via insertAdjacentHTML, running arbitrary JavaScript in the renderer. On Electron desktop builds the renderer runs with nodeIntegration:true, so the injected handler can reach require('child_process') and escalate the XSS to full host remote code execution. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires the attacker to have write access to a workspace repository that the victim synchronizes, allowing them to plant or modify a CSS snippet; the malicious snippet body must contain a '</style>' break-out sequence followed by an event handler/script, which renderSnippet() then interpolates via insertAdjacentHTML. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | Multiple signals point to genuine high priority rather than inflated CVSS. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who gains write access to a workspace the victim syncs (for example a shared/collaborative repo or a previously compromised sync endpoint) saves a CSS snippet whose body contains '</style>' followed by a JavaScript handler that calls require('child_process').exec(...). When any paired device pulls the synced workspace, renderSnippet() interpolates the snippet via insertAdjacentHTML, the handler executes in the nodeIntegration-enabled renderer, and the attacker obtains code execution on the victim's host with no user interaction. … |
| Remediation | Upgrade to SiYuan 3.7.0 or later, which fixes the snippet rendering path (Vendor-released patch: 3.7.0); see the advisory at https://github.com/siyuan-note/siyuan/security/advisories/GHSA-mvjr-vv3c-w4qv. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
24 hours: Identify all SiYuan installations in use; audit write-access permissions on shared workspaces; begin emergency patching to version 3.7.0 or later. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
A SQL injection vulnerability was discovered in Siyuan 3.1.11 in /getHistoryItems. Rated critical severity (CVSS 9.8), t
A SQL injection vulnerability has been identified in Siyuan 3.1.11 via the ids array parameter in /batchGetBlockAttrs. R
A SQL injection vulnerability has been identified in Siyuan 3.1.11 via the id parameter at /getAssetContent. Rated criti
A SQL injection vulnerability has been identified in Siyuan 3.1.11 via the notebook parameter in /searchHistory. Rated c
SiYuan personal knowledge management system prior to 3.5.4 has a stored XSS vulnerability (CVSS 9.6) that allows code ex
Origin-validation bypass in SiYuan Note (open-source personal knowledge management) before 3.7.0 lets any installed Chro
Reflected XSS in SiYuan knowledge management before 3.5.9.
SiYuan knowledge management system prior to 3.5.5 has a path traversal in /api/file/copyFile allowing arbitrary file ope
SiYuan version 3.0.3 allows executing arbitrary commands on the server. Rated critical severity (CVSS 9.0), this vulnera
SQL injection in SiYuan prior to version 3.6.0 allows any authenticated user, including those with read-only access, to
Cross-site scripting (XSS) in SiYuan personal knowledge management system versions 3.6.0-3.6.1 allows remote attackers t
Arbitrary file disclosure in SiYuan personal knowledge management system before 3.7.0 lets an unauthenticated remote att
Same weakness CWE-79 – Cross-site Scripting (XSS)
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-39123
GHSA-mvjr-vv3c-w4qv