{"id":"GHSA-6865-qjcf-286f","summary":"SiYuan: Unauthenticated Reflected XSS via SVG Injection in /api/icon/getDynamicIcon Endpoint","details":"### Summary\nAn unauthenticated reflected XSS vulnerability exists in the dynamic icon API endpoint:\n\n- `GET /api/icon/getDynamicIcon`\n\nWhen `type=8`, attacker-controlled `content` is embedded into SVG output without escaping. Because the endpoint is unauthenticated and returns `image/svg+xml`, a crafted URL can inject executable SVG/HTML event handlers (for example `onerror`) and run JavaScript in the SiYuan web origin.\n\nThis can be chained to perform authenticated API actions and exfiltrate sensitive data when a logged-in user opens the malicious link.\n\n### Details\nThe issue is caused by unsafe output construction and incomplete sanitization:\n\n1. **Endpoint is exposed without auth middleware**\n   - Source: https://github.com/siyuan-note/siyuan/blob/master/kernel/api/router.go#L27-L37\n   - `GET /api/icon/getDynamicIcon` is registered in the unauthenticated section.\n\n2. **User input is inserted into SVG via string formatting**\n   - Source: https://github.com/siyuan-note/siyuan/blob/master/kernel/api/icon.go#L115-L175\n   - Source: https://github.com/siyuan-note/siyuan/blob/master/kernel/api/icon.go#L537-L585\n   - In `generateTypeEightSVG`, `%s` directly injects `content` into `\u003ctext\u003e...\u003c/text\u003e` without XML/HTML escaping.\n\n3. **Sanitizer only removes `\u003cscript\u003e` tags**\n   - Source: https://github.com/siyuan-note/siyuan/blob/master/kernel/util/misc.go#L235-L281\n   - `RemoveScriptsInSVG` removes `\u003cscript\u003e` nodes, but does not remove dangerous attributes (`onerror`, `onload`, etc.) or unsafe elements.\n\nAs a result, payloads such as `\u003c/text\u003e\u003cimage ... onerror=...\u003e\u003ctext\u003e` survive and execute.\n\n### PoC\n\n#### Minimal browser execution PoC\nOpen this URL in a browser:\n\n```http\nGET /api/icon/getDynamicIcon?type=8&content=%3C%2Ftext%3E%3Cimage%20href%3Dx%20onerror%3Dalert(document.domain)%3E%3C%2Fimage%3E%3Ctext%3E\n```\n\nExample full URL:\n\n```text\nhttp://127.0.0.1:6806/api/icon/getDynamicIcon?type=8&content=%3C%2Ftext%3E%3Cimage%20href%3Dx%20onerror%3Dalert(document.domain)%3E%3C%2Fimage%3E%3Ctext%3E\n```\n\nExpected result:\n\n- JavaScript executes (`alert(document.domain)`), confirming reflected XSS.\n\n#### Authenticated impact demonstration\nIf a victim is authenticated in the same browser session, JavaScript running in origin can call privileged APIs and exfiltrate returned data.\n\n### Impact\nThis is a reflected XSS in an unauthenticated endpoint, with realistic account/data compromise impact:\n\n- Arbitrary JavaScript execution in SiYuan web origin.\n- Authenticated action abuse via same-origin API calls.\n- Sensitive data exposure (notes/config/API responses) from victim context.\n- Potential chained server-impact actions depending on victim privileges and deployment mode.","aliases":["CVE-2026-29183","GO-2026-4596"],"modified":"2026-03-21T03:28:52.423458Z","published":"2026-03-04T21:45:10Z","related":["CVE-2026-32940"],"database_specific":{"cwe_ids":["CWE-79"],"github_reviewed":true,"severity":"CRITICAL","nvd_published_at":"2026-03-06T08:16:27Z","github_reviewed_at":"2026-03-04T21:45:10Z"},"references":[{"type":"WEB","url":"https://github.com/siyuan-note/siyuan/security/advisories/GHSA-6865-qjcf-286f"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-29183"},{"type":"WEB","url":"https://github.com/siyuan-note/siyuan/commit/d68bd5a79391742b3cb2e14d892bdd9997064927"},{"type":"PACKAGE","url":"https://github.com/siyuan-note/siyuan"}],"affected":[{"package":{"name":"github.com/siyuan-note/siyuan/kernel","ecosystem":"Go","purl":"pkg:golang/github.com/siyuan-note/siyuan/kernel"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"0.0.0-20260304034809-d68bd5a79391"}]}],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/03/GHSA-6865-qjcf-286f/GHSA-6865-qjcf-286f.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"}]}