CVE-2026-34605: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in siyuan-note siyuan
SiYuan is a personal knowledge management system. From version 3.6.0 to before version 3.6.2, the SanitizeSVG function introduced in version 3.6.0 to fix XSS in the unauthenticated /api/icon/getDynamicIcon endpoint can be bypassed by using namespace-prefixed element names such as <x:script xmlns:x="http://www.w3.org/2000/svg">. The Go HTML5 parser records the element's tag as "x:script" rather than "script", so the tag check passes it through. The SVG is served with Content-Type: image/svg+xml and no Content Security Policy; when a browser opens the response directly, its XML parser resolves the prefix to the SVG namespace and executes the embedded script. This issue has been patched in version 3.6.2.
AI Analysis
Technical Summary
SiYuan, a personal knowledge management system, had an XSS vulnerability (CWE-79) in versions 3.6.0 up to but not including 3.6.2. The SanitizeSVG function introduced to mitigate XSS in the unauthenticated /api/icon/getDynamicIcon endpoint was bypassable by using namespace-prefixed element names such as <x:script xmlns:x="http://www.w3.org/2000/svg">. The Go HTML5 parser records the tag as "x:script" rather than "script", allowing the malicious script to pass the tag check. When the SVG is served with Content-Type: image/svg+xml and no Content Security Policy, browsers resolve the prefix and execute the embedded script. The vulnerability is patched in version 3.6.2.
Potential Impact
This vulnerability allows an attacker to execute arbitrary scripts in the context of the victim's browser when the malicious SVG is opened directly. This can lead to high-impact consequences such as theft of sensitive information or session hijacking. The CVSS 4.0 base score is 8.6 (high severity), reflecting network attack vector, no privileges required, user interaction needed, and high impact on confidentiality and integrity.
Mitigation Recommendations
Upgrade SiYuan to version 3.6.2 or later, where this vulnerability is patched. Since this is a self-hosted product (not a cloud service), users must apply the update themselves. No other mitigations are indicated by the vendor advisory.
CVE-2026-34605: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in siyuan-note siyuan
Description
SiYuan is a personal knowledge management system. From version 3.6.0 to before version 3.6.2, the SanitizeSVG function introduced in version 3.6.0 to fix XSS in the unauthenticated /api/icon/getDynamicIcon endpoint can be bypassed by using namespace-prefixed element names such as <x:script xmlns:x="http://www.w3.org/2000/svg">. The Go HTML5 parser records the element's tag as "x:script" rather than "script", so the tag check passes it through. The SVG is served with Content-Type: image/svg+xml and no Content Security Policy; when a browser opens the response directly, its XML parser resolves the prefix to the SVG namespace and executes the embedded script. This issue has been patched in version 3.6.2.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
SiYuan, a personal knowledge management system, had an XSS vulnerability (CWE-79) in versions 3.6.0 up to but not including 3.6.2. The SanitizeSVG function introduced to mitigate XSS in the unauthenticated /api/icon/getDynamicIcon endpoint was bypassable by using namespace-prefixed element names such as <x:script xmlns:x="http://www.w3.org/2000/svg">. The Go HTML5 parser records the tag as "x:script" rather than "script", allowing the malicious script to pass the tag check. When the SVG is served with Content-Type: image/svg+xml and no Content Security Policy, browsers resolve the prefix and execute the embedded script. The vulnerability is patched in version 3.6.2.
Potential Impact
This vulnerability allows an attacker to execute arbitrary scripts in the context of the victim's browser when the malicious SVG is opened directly. This can lead to high-impact consequences such as theft of sensitive information or session hijacking. The CVSS 4.0 base score is 8.6 (high severity), reflecting network attack vector, no privileges required, user interaction needed, and high impact on confidentiality and integrity.
Mitigation Recommendations
Upgrade SiYuan to version 3.6.2 or later, where this vulnerability is patched. Since this is a self-hosted product (not a cloud service), users must apply the update themselves. No other mitigations are indicated by the vendor advisory.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-03-30T17:15:52.500Z
- Cvss Version
- 4.0
- State
- PUBLISHED
Threat ID: 69cc424fe6bfc5ba1d44f4c8
Added to database: 3/31/2026, 9:53:19 PM
Last enriched: 4/8/2026, 12:07:31 AM
Last updated: 5/16/2026, 2:42:17 AM
Views: 77
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.