Lucene search
+L

5 matches found

NVD
NVD
added 2026/07/09 11:17 p.m.8 views

CVE-2026-59833

SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, SiYuan renders note and package content to HTML through the Lute engine with sanitization enabled, but Lute's dangerous javascript scheme block does not check form action or SVG xlink:href attributes, allowing stored...

8.6CVSS0.00388EPSS
Exploits0References3
OSV
OSV
added 2026/07/09 10:17 p.m.3 views

CVE-2026-59833 SiYuan: Stored XSS to RCE in SiYuan via a per-attribute URL-scheme sanitizer gap in Lute (form action / SVG xlink:href)

SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, SiYuan renders note and package content to HTML through the Lute engine with sanitization enabled, but Lute's dangerous javascript scheme block does not check form action or SVG xlink:href attributes, allowing stored...

8.6CVSS6.1AI score0.00388EPSS
Exploits0References5
CVE
CVE
added 2026/07/09 10:17 p.m.12 views

CVE-2026-59833

SiYuan (open-source PIM) prior to 3.7.1 uses Lute with sanitization, but the per-attribute URL-scheme sanitizer fails to check form action and SVG xlink:href attributes. This allows stored XSS in document export-preview and Bazaar package README rendering paths, with potential to execute OS comma...

8.6CVSS5.9AI score0.00388EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/07/09 10:17 p.m.34 views

CVE-2026-59833 SiYuan: Stored XSS to RCE in SiYuan via a per-attribute URL-scheme sanitizer gap in Lute (form action / SVG xlink:href)

SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, SiYuan renders note and package content to HTML through the Lute engine with sanitization enabled, but Lute's dangerous javascript scheme block does not check form action or SVG xlink:href attributes, allowing stored...

8.6CVSS0.00388EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2019/11/11 12:0 a.m.7 views

PT-2019-15702 · Safe-Svg · Safe-Svg

Name of the Vulnerable Software and Affected Versions: safe-svg plugin versions through 1.9.4 Description: A Denial Of Service issue exists, related to unlimited recursion for a '' substring. Recommendations: For versions through 1.9.4, update to a version later than 1.9.4 to resolve the issue...

7.5CVSS7.4AI score0.02605EPSS
Exploits0References6
Rows per page
Query Builder