SVG Injection: When "Dynamic Icons" Become Dynamic Threats in SiYuan
Jan 21, 2026
Executive Summary (TL;DR)
SiYuan versions prior to 3.5.4 contain a reflected cross-site scripting (XSS) vulnerability in the dynamic icon generator. By injecting malicious XML through the `content` parameter of the `/api/icon/getDynamicIcon` endpoint, an attacker can have arbitrary JavaScript execute in the browser of a victim who opens the crafted URL. Because the response is served as `image/svg+xml`, the payload fires when the SVG is rendered as a top-level document (that is, when the link is followed directly); a browser does not run script inside an SVG referenced from an `<img>` tag, which is why the vector carries UI:P. The issue was fixed in 3.5.4 by adding an SVG script stripper to the generator.
SiYuan is a local-first personal knowledge management tool. Its dynamic icon feature turned out to be a little too dynamic: the generator did not neutralise the SVG it built from caller-supplied input, so a reflected XSS let an attacker turn an innocent-looking icon request into a script execution vector.
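To make the failure and both repair strategies concrete, the following Go program is an added example written for this article; it is not SiYuan's code and does not reproduce the project's actual patch. It assumes an icon generator of the simplest shape (a `<text>` node inside a fixed `<svg>` wrapper) and models the endpoint's `content` parameter as a plain string with no HTTP layer. `buildIconUnsafe` shows how unescaped interpolation lets `content` break out of the text node, `buildIconEscaped` is the fix for text-only input, and `stripSVGScripts` is a token-level SVG script stripper of the kind the summary describes, run over a constructed malicious SVG that carries a `<script>` element, an `onload` handler, a `javascript:` link and a `<foreignObject>`. All function names, the markup and the sample inputs are assumptions for this example.

```go
package main

import (
	"encoding/xml"
	"fmt"
	"io"
	"strings"
)

// Illustrative assumptions, not SiYuan's code: a dynamic-icon endpoint that reflects a caller-supplied `content` value into an SVG served as image/svg+xml.
var (
	// Single-pass escaper; the inserted "&amp;" is never rescanned.
	escape = strings.NewReplacer("&", "&amp;", "<", "&lt;", ">", "&gt;", `"`, "&quot;")
	// The URL parser removes ASCII tab/newline before reading the scheme; mimic it.
	urlNoise = strings.NewReplacer("\t", "", "\n", "", "\r", "")
	// Dropped with their whole subtree: <script>, and <foreignObject> (embeds arbitrary HTML).
	dropElements = map[string]bool{"script": true, "foreignobject": true}
)

// Vulnerable shape: `content` is concatenated into the markup, so "</text><script>..." breaks out as live script.
func buildIconUnsafe(content string) string {
	return `<svg xmlns="http://www.w3.org/2000/svg" width="64" height="64">` +
		`<text x="4" y="40">` + content + `</text></svg>`
}

// Preferred fix when the value is meant to be text: escape at the interpolation point.
func buildIconEscaped(content string) string {
	return `<svg xmlns="http://www.w3.org/2000/svg" width="64" height="64">` +
		`<text x="4" y="40">` + escape.Replace(content) + `</text></svg>`
}

func hasScriptScheme(v string) bool {
	v = strings.ToLower(urlNoise.Replace(strings.TrimSpace(v)))
	return strings.HasPrefix(v, "javascript:") || strings.HasPrefix(v, "vbscript:")
}

// Drop event handlers (onload, onclick, ...) and any attribute holding a script URL;
// checking every attribute also covers <set attributeName="href" to="javascript:..."/>.
func unsafeAttr(a xml.Attr) bool {
	return strings.HasPrefix(strings.ToLower(a.Name.Local), "on") || hasScriptScheme(a.Value)
}

// RawToken keeps the literal prefix (xlink:href) that Decoder.Token would turn into a URL.
func qname(n xml.Name) string { return strings.TrimPrefix(n.Space+":"+n.Local, ":") }

// Token-level stripper: re-serialise without script subtrees, on* attributes, script: URLs, comments, PIs or DOCTYPE.
func stripSVGScripts(in string) (string, error) {
	dec := xml.NewDecoder(strings.NewReader(in))
	var out strings.Builder
	skip := 0 // nesting depth inside a dropped subtree
	for {
		tok, err := dec.RawToken()
		if err == io.EOF {
			return out.String(), nil
		} else if err != nil {
			return "", err
		}
		switch t := tok.(type) {
		case xml.StartElement:
			if skip > 0 || dropElements[strings.ToLower(t.Name.Local)] {
				skip++
				continue
			}
			out.WriteString("<" + qname(t.Name))
			for _, a := range t.Attr {
				if !unsafeAttr(a) {
					out.WriteString(" " + qname(a.Name) + `="` + escape.Replace(a.Value) + `"`)
				}
			}
			out.WriteByte('>')
		case xml.EndElement:
			if skip > 0 {
				skip--
				continue
			}
			out.WriteString("</" + qname(t.Name) + ">")
		case xml.CharData:
			if skip == 0 {
				out.WriteString(escape.Replace(string(t)))
			}
		}
	}
}

// Constructed sample inputs for this demonstration, not taken from a real report.
const constructedPoC = `</text><script>alert(document.domain)</script><text>`

const constructedMaliciousSVG = `<?xml version="1.0"?>` +
	`<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" onload="alert(1)" width="64" height="64">` +
	`<circle cx="32" cy="32" r="30" fill="#09f"/><script>alert(document.domain)</script>` +
	`<a xlink:href="javascript:alert(2)"><text x="10" y="40">Hi &amp; bye</text></a>` +
	`<foreignObject><iframe xmlns="http://www.w3.org/1999/xhtml" src="javascript:alert(3)"></iframe></foreignObject></svg>`

func main() {
	fmt.Println(buildIconUnsafe(constructedPoC))
	fmt.Println(buildIconEscaped(constructedPoC))
	fmt.Println(stripSVGScripts(constructedMaliciousSVG))
}
```

Escaping at the interpolation point is the stronger fix whenever the value is meant to be text: it removes the bug class instead of a list of known payloads. A stripper is a denylist and has to be maintained; this one leaves `<style>` with `url()` or `@import`, `<use>` and `<image>` pointing at external resources untouched because they do not run script, although they do trigger outbound requests. As defence in depth, the icon response can carry `Content-Security-Policy: script-src 'none'`, which browsers apply to an SVG rendered as a document. To check a deployment, request the endpoint with a probe such as `</text><script>1</script>` in `content` and confirm that the returned `image/svg+xml` body contains no `<script` element; the exact probe depends on where the parameter lands in the markup.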
CVSS v4.0 Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P
Affected Systems
Affected Versions Detail
| Product | Affected Versions | Fixed Version |
|---|---|---|
| SiYuan (siyuan-note) | < 3.5.4 | 3.5.4 |
| Attribute | Detail |
|---|---|
| CWE ID | CWE-79 |
| CVSS v4.0 | 2.1 (Low) |
| Attack Vector | Network |
| Exploit Status | PoC Available |
| Response MIME Type | image/svg+xml |
| Vulnerable Parameter | content (on /api/icon/getDynamicIcon) |
CWE Classification
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')