Impact
The vulnerability is a stored cross‑site scripting flaw in SiYuan’s Bazaar package system. Before version 3.7.0, the kernel’s readme rendering uses the lute engine with a sanitizer that only blocks legacy event attributes; modern handler attributes such as onpointerover, onpointerdown, onauxclick, onbeforetoggle, onfocusin, onanimationstart, and ontransitionend are not filtered and therefore pass through unchanged. The resulting HTML is injected directly into the main document without any additional client‑side sanitization or security headers. When an administrator opens or interacts with a malicious package in the marketplace, the embedded script runs in the context of the administrator’s authenticated session, giving the attacker full control of the workspace to execute arbitrary code, exfiltrate data, or manipulate the environment.
Affected Systems
The issue affects the SiYuan Note application (siyuan-note:siyuan) running any version earlier than 3.7.0. The fix was introduced in 3.7.0 and newer releases are not impacted.
Risk and Exploitability
The CVSS score of 7.1 indicates a high‑risk scenario, though there is no EPSS score available to determine current exploitation probability and the vulnerability is not listed in CISA KEV. Exploitation does not require installation of the malicious Bazaar package; a privileged administrator simply needs to open the package listing and interact with it, at which point the malicious README containing modern event handler attributes such as onpointerover or onfocusin is rendered and injected into the main document. Because the rendered README is inserted directly into the main document, the attack is achievable without a separate iframe or sandbox, and does not rely on external content. The likely attack path is a third‑party package author submitting malware to the Bazaar marketplace, which a trusted administrator opens and interacts with, triggering the embedded script and allowing the attacker full control of the workspace.
OpenCVE Enrichment
Github GHSA