Vulnerabilities (CVE)

Filtered by vendor B3log Subscribe
Total 24 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-55660 1 B3log 1 Siyuan 2025-06-05 N/A 9.8 CRITICAL
SiYuan is a personal knowledge management system. Prior to version 3.1.16, SiYuan's `/api/template/renderSprig` endpoint is vulnerable to Server-Side Template Injection (SSTI) through the Sprig template engine. Although the engine has limitations, it allows attackers to access environment variables. Version 3.1.16 contains a patch for the issue.
CVE-2024-55659 1 B3log 1 Siyuan 2025-06-05 N/A 5.4 MEDIUM
SiYuan is a personal knowledge management system. Prior to version 3.1.16, the `/api/asset/upload` endpoint in Siyuan is vulnerable to both arbitrary file write to the host and stored cross-site scripting (via the file write). Version 3.1.16 contains a patch for the issue.
CVE-2024-55658 1 B3log 1 Siyuan 2025-06-05 N/A 7.5 HIGH
SiYuan is a personal knowledge management system. Prior to version 3.1.16, SiYuan's /api/export/exportResources endpoint is vulnerable to arbitary file read via path traversal. It is possible to manipulate the paths parameter to access and download arbitrary files from the host system by traversing the workspace directory structure. Version 3.1.16 contains a patch for the issue.
CVE-2024-55657 1 B3log 1 Siyuan 2025-06-05 N/A 7.5 HIGH
SiYuan is a personal knowledge management system. Prior to version 3.1.16, an arbitrary file read vulnerability exists in Siyuan's `/api/template/render` endpoint. The absence of proper validation on the path parameter allows attackers to access sensitive files on the host system. Version 3.1.16 contains a patch for the issue.
CVE-2024-2692 1 B3log 1 Siyuan 2025-05-19 N/A 9.0 CRITICAL
SiYuan version 3.0.3 allows executing arbitrary commands on the server. This is possible because the application is vulnerable to Server Side XSS.
CVE-2025-21609 1 B3log 1 Siyuan 2025-05-14 N/A 9.1 CRITICAL
SiYuan is self-hosted, open source personal knowledge management software. SiYuan Note version 3.1.18 has an arbitrary file deletion vulnerability. The vulnerability exists in the `POST /api/history/getDocHistoryContent` endpoint. An attacker can craft a payload to exploit this vulnerability, resulting in the deletion of arbitrary files on the server. Commit d9887aeec1b27073bec66299a9a4181dc42969f3 fixes this vulnerability and is expected to be available in version 3.1.19.
CVE-2024-6938 1 B3log 1 Siyuan 2025-05-13 4.0 MEDIUM 3.5 LOW
A vulnerability has been found in SiYuan 3.1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file PDF.js of the component PDF Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-271993 was assigned to this vulnerability.
CVE-2017-16821 1 B3log 1 Symphony 2025-04-20 3.5 LOW 5.4 MEDIUM
b3log Symphony (aka Sym) 2.2.0 has XSS in processor/AdminProcessor.java in the admin console, as demonstrated by a crafted X-Forwarded-For HTTP header that is mishandled during display of a client IP address in /admin/user/userid.
CVE-2024-53505 1 B3log 1 Siyuan 2025-04-14 N/A 9.8 CRITICAL
A SQL injection vulnerability has been identified in Siyuan 3.1.11 via the id parameter at /getAssetContent.
CVE-2024-53506 1 B3log 1 Siyuan 2025-04-14 N/A 9.8 CRITICAL
A SQL injection vulnerability has been identified in Siyuan 3.1.11 via the ids array parameter in /batchGetBlockAttrs.
CVE-2024-53507 1 B3log 1 Siyuan 2025-04-14 N/A 9.8 CRITICAL
A SQL injection vulnerability was discovered in Siyuan 3.1.11 in /getHistoryItems.
CVE-2024-53504 1 B3log 1 Siyuan 2025-04-14 N/A 9.8 CRITICAL
A SQL injection vulnerability has been identified in Siyuan 3.1.11 via the notebook parameter in /searchHistory.
CVE-2024-23049 1 B3log 1 Symphony 2024-11-21 N/A 9.8 CRITICAL
An issue in symphony v.3.6.3 and before allows a remote attacker to execute arbitrary code via the log4j component.
CVE-2022-0350 1 B3log 1 Vditor 2024-11-21 3.5 LOW 5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository vanessa219/vditor prior to 3.8.13.
CVE-2022-0341 1 B3log 1 Vditor 2024-11-21 3.5 LOW 5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository vanessa219/vditor prior to 3.8.12.
CVE-2021-4103 1 B3log 1 Vditor 2024-11-21 3.5 LOW 5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository vanessa219/vditor prior to 1.0.34.
CVE-2021-32855 1 B3log 1 Vditor 2024-11-21 N/A 6.1 MEDIUM
Vditor is a browser-side Markdown editor. Versions prior to 3.8.7 are vulnerable to copy-paste cross-site scripting (XSS). For this particular type of XSS, the victim needs to be fooled into copying a malicious payload into the text editor. Version 3.8.7 contains a patch for this issue.
CVE-2019-9142 1 B3log 1 Symphony 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
An issue was discovered in b3log Symphony (aka Sym) before v3.4.7. XSS exists via the userIntro and userNickname fields to processor/SettingsProcessor.java.
CVE-2019-17488 1 B3log 1 Symphony 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
b3log Symphony (aka Sym) before 3.6.0 has XSS via the HTTP User-Agent header.
CVE-2019-13915 1 B3log 1 Wide 2024-11-21 5.0 MEDIUM 7.5 HIGH
b3log Wide before 1.6.0 allows three types of attacks to access arbitrary files. First, the attacker can write code in the editor, and compile and run it approximately three times to read an arbitrary file. Second, the attacker can create a symlink, and then place the symlink into a ZIP archive. An unzip operation leads to read access, and write access (depending on file permissions), to the symlink target. Third, the attacker can import a Git repository that contains a symlink, similarly leading to read and write access.