{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23847", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-01-16T15:46:40.843Z", "datePublished": "2026-01-19T19:46:08.980Z", "dateUpdated": "2026-01-20T14:37:42.649Z"}, "containers": {"cna": {"title": "SiYuan Vulnerable to Reflected Cross-Site Scripting (XSS) via /api/icon/getDynamicIcon", "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "lang": "en", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "PASSIVE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "subAvailabilityImpact": "NONE", "baseScore": 2.1, "baseSeverity": "LOW", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P", "version": "4.0"}}], "references": [{"name": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-w836-5gpm-7r93", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-w836-5gpm-7r93"}, {"name": "https://github.com/siyuan-note/siyuan/issues/16844", "tags": ["x_refsource_MISC"], "url": "https://github.com/siyuan-note/siyuan/issues/16844"}, {"name": "https://github.com/siyuan-note/siyuan/commit/5c0cc375b47567e15edd2119066b09bb0aa18777", "tags": ["x_refsource_MISC"], "url": "https://github.com/siyuan-note/siyuan/commit/5c0cc375b47567e15edd2119066b09bb0aa18777"}], "affected": [{"vendor": "siyuan-note", "product": "siyuan", "versions": [{"version": "< 3.5.4", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-01-19T19:46:08.980Z"}, "descriptions": [{"lang": "en", "value": "SiYuan is a personal knowledge management system. Versions prior to 3.5.4 are vulnerable to reflected cross-site scripting in /api/icon/getDynamicIcon due to unsanitized SVG input. The endpoint generates SVG images for text icons (type=8). The content query parameter is inserted directly into the SVG <text> tag without XML escaping. Since the response Content-Type is image/svg+xml, injecting unescaped tags allows breaking the XML structure and executing JavaScript. Version 3.5.4 patches the issue.]"}], "source": {"advisory": "GHSA-w836-5gpm-7r93", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-20T14:37:01.409541Z", "id": "CVE-2026-23847", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-20T14:37:42.649Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-23847", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-01-20T14:37:01.409541Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-20T14:37:36.042Z"}}], "cna": {"title": "SiYuan Vulnerable to Reflected Cross-Site Scripting (XSS) via /api/icon/getDynamicIcon", "source": {"advisory": "GHSA-w836-5gpm-7r93", "discovery": "UNKNOWN"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 2.1, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "LOW", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "vulnConfidentialityImpact": "NONE"}}], "affected": [{"vendor": "siyuan-note", "product": "siyuan", "versions": [{"status": "affected", "version": "< 3.5.4"}]}], "references": [{"url": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-w836-5gpm-7r93", "name": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-w836-5gpm-7r93", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/siyuan-note/siyuan/issues/16844", "name": "https://github.com/siyuan-note/siyuan/issues/16844", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/siyuan-note/siyuan/commit/5c0cc375b47567e15edd2119066b09bb0aa18777", "name": "https://github.com/siyuan-note/siyuan/commit/5c0cc375b47567e15edd2119066b09bb0aa18777", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "SiYuan is a personal knowledge management system. Versions prior to 3.5.4 are vulnerable to reflected cross-site scripting in /api/icon/getDynamicIcon due to unsanitized SVG input. The endpoint generates SVG images for text icons (type=8). The content query parameter is inserted directly into the SVG <text> tag without XML escaping. Since the response Content-Type is image/svg+xml, injecting unescaped tags allows breaking the XML structure and executing JavaScript. Version 3.5.4 patches the issue.]"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-01-19T19:46:08.980Z"}}}, "cveMetadata": {"cveId": "CVE-2026-23847", "state": "PUBLISHED", "dateUpdated": "2026-01-20T14:37:42.649Z", "dateReserved": "2026-01-16T15:46:40.843Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-01-19T19:46:08.980Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:b3log:siyuan:*:*:*:*:*:*:*:*", "matchCriteriaId": "D3F308D6-1396-4488-9382-0EE485C9289C", "versionEndExcluding": "3.5.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "SiYuan is a personal knowledge management system. Versions prior to 3.5.4 are vulnerable to reflected cross-site scripting in /api/icon/getDynamicIcon due to unsanitized SVG input. The endpoint generates SVG images for text icons (type=8). The content query parameter is inserted directly into the SVG <text> tag without XML escaping. Since the response Content-Type is image/svg+xml, injecting unescaped tags allows breaking the XML structure and executing JavaScript. Version 3.5.4 patches the issue.]"}], "id": "CVE-2026-23847", "lastModified": "2026-01-30T15:36:42.487", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 2.1, "baseSeverity": "LOW", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-01-19T20:15:49.393", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/siyuan-note/siyuan/commit/5c0cc375b47567e15edd2119066b09bb0aa18777"}, {"source": "security-advisories@github.com", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/siyuan-note/siyuan/issues/16844"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory", "Patch"], "url": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-w836-5gpm-7r93"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-18T05:01:00.675324+00:00", "value": {"mitigation_remediation": ["Upgrade to version 3.5.4 or later of Siyuan, which includes the SVG input sanitization fix.", "If upgrading is not immediately possible, restrict access to /api/icon/getDynamicIcon to authenticated users or remove the endpoint temporarily.", "Configure a web application firewall or reverse proxy to reject requests containing suspicious characters or payloads in the content query parameter, such as \"<\", \">\", or script tags.", "Ensure server\u2011side XML escaping for any future SVG generation to prevent similar issues."], "summary": {"action": "Apply Patch", "impact": "Reflected Cross-Site Scripting"}, "threat_synthesis": {"affected_systems": "SiYuan personal knowledge management system, vendor Siyuan. Versions earlier than 3.5.4 are affected. No later versions have the flaw.", "description_and_impact": "The vulnerability allows an attacker to inject malicious scripts via unsanitized SVG input to the /api/icon/getDynamicIcon endpoint. The endpoint returns an SVG image with a &lt;text&gt; tag that includes the content query parameter directly, without escaping. An attacker could craft a URL that contains a payload such as a &lt;script&gt; tag or malformed XML. When a user opens that link, the browser loads the SVG and executes the attacker\u2019s JavaScript in the victim\u2019s context. This permits theft of session cookies, defacement, or other actions that target the user\u2019s browser session. The weakness corresponds to CWE-79 (Improper Neutralization of Input During Web Page Generation).", "risk_and_exploitability": "The CVSS score is 2.1, indicating low severity, and the EPSS score is less than 1%, showing a very low probability of exploitation at present. The vulnerability is not listed in the CISA KEV catalog. The attack vector is likely network-based. Because the endpoint is reachable via an HTTP request and does not require authentication, an unauthenticated attacker can embed a malicious payload in a URL. If a user visits that URL, the browser will render the SVG and execute the script. The impact is confined to the victim\u2019s browser session; it does not provide direct code execution on the server. The risk is mitigated by applying the patch, but in environments that cannot immediately upgrade, the exposure remains until remedied."}}}}, "created": "2026-01-20T08:40:48.214947+00:00", "updated": "2026-04-18T05:15:15.968766+00:00", "vendors": ["siyuan", "siyuan$PRODUCT$siyuan"]}