Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-2692 | 1 B3log | 1 Siyuan | 2025-05-13 | N/A | 9.6 CRITICAL |
| SiYuan version 3.0.3 allows executing arbitrary commands on the server. This is possible because the application is vulnerable to Server Side XSS. | |||||
| CVE-2024-53505 | 1 B3log | 1 Siyuan | 2025-04-14 | N/A | 9.8 CRITICAL |
| A SQL injection vulnerability has been identified in Siyuan 3.1.11 via the id parameter at /getAssetContent. | |||||
| CVE-2024-53506 | 1 B3log | 1 Siyuan | 2025-04-14 | N/A | 9.8 CRITICAL |
| A SQL injection vulnerability has been identified in Siyuan 3.1.11 via the ids array parameter in /batchGetBlockAttrs. | |||||
| CVE-2024-53507 | 1 B3log | 1 Siyuan | 2025-04-14 | N/A | 9.8 CRITICAL |
| A SQL injection vulnerability was discovered in Siyuan 3.1.11 in /getHistoryItems. | |||||
| CVE-2024-53504 | 1 B3log | 1 Siyuan | 2025-04-14 | N/A | 9.8 CRITICAL |
| A SQL injection vulnerability has been identified in Siyuan 3.1.11 via the notebook parameter in /searchHistory. | |||||