GHSA-J7WH-X834-P3R7 SiYuan: Authorization Bypass Allows Arbitrary SQL Execution via Search API
Summary SiYuan Note v3.6.0 and likely prior versions contains an authorization bypass vulnerability in the /api/search/fullTextSearchBlock endpoint. When the method parameter is set to 2, the endpoint passes user-supplied input directly as a raw SQL statement to the underlying SQLite database...