5 matches found
SiYuan 安全漏洞
SiYuan is an open-source personal knowledge management system developed by SiYuan. Versions of SiYuan prior to 3.7.0 contained security vulnerabilities. These vulnerabilities were caused by ineffective access control for search APIs under certain deployment scenarios, which could lead to the...
SiYuan 安全漏洞
SiYuan is a privacy-oriented personal knowledge management system developed by SiYuan itself. Versions of SiYuan 3.6.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from improper cleaning of upload file paths, allowing administrators to write files to arbitrary...
SiYuan 安全漏洞
SiYuan is a privacy-oriented personal knowledge management system developed by SiYuan itself. Versions of SiYuan 3.6.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from insufficient path validation for the localPath parameter, which could allow non-administrator...
SiYuan 安全漏洞
SiYuan is a privacy-oriented personal knowledge management system developed by SiYuan. Versions of SiYuan 3.6.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the lack of workspace boundary checks in the globalCopyFiles API, which could allow administrators to...
SiYuan 安全漏洞
SiYuan is a privacy-oriented personal knowledge management system developed by SiYuan itself. Versions of SiYuan prior to 3.6.1 contained security vulnerabilities. These vulnerabilities stemmed from the lack of model checking in the POST /api/template/renderSprig endpoint, which could allow any...