Description
SiYuan is a personal knowledge management system. From version 3.6.0 to before version 3.6.2, the SanitizeSVG function introduced in version 3.6.0 to fix XSS in the unauthenticated /api/icon/getDynamicIcon endpoint can be bypassed by using namespace-prefixed element names such as <x:script xmlns:x="http://www.w3.org/2000/svg">. The Go HTML5 parser records the element's tag as "x:script" rather than "script", so the tag check passes it through. The SVG is served with Content-Type: image/svg+xml and no Content Security Policy; when a browser opens the response directly, its XML parser resolves the prefix to the SVG namespace and executes the embedded script. This issue has been patched in version 3.6.2.
Published: 2026-03-31
Score: 8.6 High
EPSS: < 1% Very Low
KEV: No
Impact: Cross‑Site Scripting via SVG endpoint
Action: Patch
AI Analysis

Impact

The SanitizeSVG function introduced in version 3.6.0 of the personal knowledge management system was designed to block disallowed SVG elements when an unprivileged user requested icons from /api/icon/getDynamicIcon. In versions 3.6.0 up to, but not including, 3.6.2 the sanitiser failed to recognise elements whose tag names carried a namespace prefix, such as <x:script xmlns:x="http://www.w3.org/2000/svg">. The Go HTML5 parser records the tag as "x:script" and the sanitiser compares it only against the exact string "script", so the element passes through. The resulting SVG is served with the content type image/svg+xml and no Content-Security-Policy. When a browser loads the response directly, it resolves the prefix to the SVG namespace and executes the embedded script, enabling an attacker to run arbitrary JavaScript in the context of any user who opens the returned SVG.

Affected Systems

Siyuan Note versions 3.6.0 through 3.6.1 are affected; version 3.6.2 and later contain the patch that removes the vulnerable path.

Risk and Exploitability

The CVSS base score of 8.6 signals high severity. With an EPSS score of 1 % the likelihood of exploitation is low at present, and the vulnerability is not listed in the CISA KEV catalog. Attackers can exploit it by making a direct request to the public endpoint, receiving the malicious SVG, and causing a user agent to parse it, which would execute arbitrary client‑side code with the privileges of the viewing user.

Generated by OpenCVE AI on April 3, 2026 at 19:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Siyuan to version 3.6.2 or later.

Generated by OpenCVE AI on April 3, 2026 at 19:23 UTC.


Advisories
Source      | ID                  | Title
Github GHSA | GHSA-73g7-86qr-jrg3 | SiYuan vulnerable to reflected XSS via SVG namespace prefix bypass in SanitizeSVG (getDynamicIcon, unauthenticated)
History

Fri, 03 Apr 2026 16:30:00 +0000

Type                | Values Removed | Values Added
First Time appeared |                | B3log; B3log siyuan
CPEs                |                | cpe:2.3:a:b3log:siyuan:*:*:*:*:*:*:*:*
Vendors & Products  |                | B3log; B3log siyuan
Metrics             |                | cvssV3_1 {'score': 6.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N'}


Fri, 03 Apr 2026 10:15:00 +0000

Type                | Values Removed | Values Added
First Time appeared |                | Siyuan; Siyuan siyuan
Vendors & Products  |                | Siyuan; Siyuan siyuan

Wed, 01 Apr 2026 23:45:00 +0000

Type    | Values Removed | Values Added
Metrics |                | ssvc {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 01 Apr 2026 02:15:00 +0000

Type        | Values Removed | Values Added
Description |                | SiYuan is a personal knowledge management system. From version 3.6.0 to before version 3.6.2, the SanitizeSVG function introduced in version 3.6.0 to fix XSS in the unauthenticated /api/icon/getDynamicIcon endpoint can be bypassed by using namespace-prefixed element names such as <x:script xmlns:x="http://www.w3.org/2000/svg">. The Go HTML5 parser records the element's tag as "x:script" rather than "script", so the tag check passes it through. The SVG is served with Content-Type: image/svg+xml and no Content Security Policy; when a browser opens the response directly, its XML parser resolves the prefix to the SVG namespace and executes the embedded script. This issue has been patched in version 3.6.2.
Title       |                | SiYuan: Reflected XSS via SVG namespace prefix bypass in SanitizeSVG (getDynamicIcon, unauthenticated)
Weaknesses  |                | CWE-79
References  |                |
Metrics     |                | cvssV4_0 {'score': 8.6, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-04-01T18:57:40.835Z

Reserved: 2026-03-30T17:15:52.500Z

Link: CVE-2026-34605

Vulnrichment

Updated: 2026-04-01T18:57:36.971Z

NVD

Status : Analyzed

Published: 2026-03-31T22:16:22.253

Modified: 2026-04-03T16:01:29.827

Link: CVE-2026-34605

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-03T21:17:24Z

Weaknesses