The Note That Took Notes on You: Bypassing SiYuan's SVG Sanitization
Jan 16, 2026 · 5 min read
Executive Summary (TL;DR)
SiYuan Note < 3.5.4-dev2 allows Stored XSS via malicious SVG files. The application serves SVGs as `image/svg+xml`, allowing embedded JS to execute. The vendor's patch only strips `<script>` tags, meaning exploits using `onload` or `onerror` still work. This is a textbook example of why 'sanitization via deletion' fails.
SiYuan Note, a privacy-focused 'local-first' knowledge management tool, inadvertently turned user notes into a playground for JavaScript execution. By allowing raw SVG uploads without proper sanitization, the application enabled Stored XSS. Even more interestingly, the initial patch attempted to fix this by simply deleting `<script>` tags—a classic 'whack-a-mole' mistake that leaves the door wide open for event-handler-based exploits.
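To make the "sanitization via deletion" failure concrete, here is an added example (not SiYuan's code or its patch): a deletion-style filter that only removes `<script>`, next to an allowlist sanitizer that parses the SVG and drops event-handler attributes and non-fragment URLs, plus a check showing the first approach still leaves executable content behind. The element allowlist and the sample SVG are constructed for this demonstration.

```python
import re
import xml.etree.ElementTree as ET  # production code should use defusedxml (entity-expansion bombs)
SVG_NS, XLINK_NS = "http://www.w3.org/2000/svg", "http://www.w3.org/1999/xlink"
ET.register_namespace("", SVG_NS)
ET.register_namespace("xlink", XLINK_NS)
# Hypothetical allowlist of static drawing elements; script, foreignObject, image,
# animate, set and use are deliberately absent.
ALLOWED = {"svg", "g", "defs", "title", "desc", "a", "path", "rect", "circle",
           "ellipse", "line", "polyline", "polygon", "text", "tspan"}
URL_ATTRS = {"href", f"{{{XLINK_NS}}}href"}

# Constructed sample: one payload sits in <script>; the others live in event
# handlers and a javascript: URL, which a script-stripping patch never touches.
SAMPLE_SVG = (
    f'<svg xmlns="{SVG_NS}" xmlns:xlink="{XLINK_NS}" onload="alert(1)">'
    '<script>alert(2)</script>'
    '<a xlink:href="javascript:alert(3)"><rect width="10" height="10"/></a>'
    '<image href="missing" onerror="alert(4)"/></svg>'
)

def strip_script_tags(svg_text: str) -> str:
    """Deletion-style filter like the partial patch: removes <script> elements only."""
    return re.sub(r"<script\b[^>]*>.*?</script\s*>", "", svg_text, flags=re.S | re.I)

def _local(qname: str) -> str:  # local name of a namespaced tag or attribute
    return qname.rsplit("}", 1)[-1].lower()

def _clean(elem: ET.Element) -> None:
    for attr in list(elem.attrib):  # drop on* handlers and any URL that is not a fragment
        if _local(attr).startswith("on") or (
                attr in URL_ATTRS and not elem.attrib[attr].startswith("#")):
            del elem.attrib[attr]
    for child in list(elem):
        if _local(child.tag) in ALLOWED:
            _clean(child)
        else:
            elem.remove(child)  # unknown or active element goes with its whole subtree

def allowlist_sanitize(svg_text: str) -> str:
    """Parse, keep only allowlisted elements and safe attributes, re-serialize."""
    root = ET.fromstring(svg_text)
    if _local(root.tag) != "svg":
        raise ValueError("not an SVG document")
    _clean(root)
    return ET.tostring(root, encoding="unicode")

def has_active_content(svg_text: str) -> bool:
    """Cheap upload-time check: does the markup still carry script hooks?"""
    return re.search(r"<script\b|\son[a-z]+\s*=|javascript:", svg_text, re.I) is not None
```

Running `has_active_content` on the output of `strip_script_tags` still returns `True`, which is exactly the gap the partial patch leaves; on the allowlist output it returns `False` while the `<rect>` survives.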
Official Patches
Fix Analysis (1)
Technical Appendix
CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
Affected Systems
Affected Versions Detail
| Product | Affected Versions | Fixed Version |
|---|---|---|
| SiYuan Note SiYuan | < 3.5.4-dev2 | 3.5.4-dev2 |
| Attribute | Detail |
|---|---|
| CWE ID | CWE-79 |
| Attack Vector | Network |
| CVSS v4.0 | 5.3 (Medium) |
| Impact | Session Hijacking / Data Exfiltration |
| Exploit Status | POC Available |
| Patch Status | Partial / Incomplete |
MITRE ATT&CK Mapping
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Known Exploits & Detection
Vulnerability Timeline