CVE-2026-32940
Status: Received - Intake
Click-Through XSS in SiYuan /api/icon/getDynamicIcon Endpoint

Publication date: 2026-03-20

Last updated on: 2026-03-23

Assigner: GitHub, Inc.

Description
SiYuan is a personal knowledge management system. In versions 3.6.0 and below, SanitizeSVG has an incomplete blocklist: it blocks data:text/html and data:image/svg+xml in href attributes but misses data:text/xml and data:application/xml, both of which can render SVG with JavaScript execution. The unauthenticated /api/icon/getDynamicIcon endpoint serves user-controlled input (via the content parameter) directly into SVG markup using fmt.Sprintf with no escaping, served as Content-Type: image/svg+xml. This creates a click-through XSS: a victim navigates to a crafted URL, sees an SVG with an injected link, and clicking it triggers JavaScript via the bypassed MIME types. The attack requires direct navigation to the endpoint or <object>/<embed> embedding, since <img> tag rendering in the frontend doesn't allow interactive links. This issue has been fixed in version 3.6.1.
Meta Information

Published: 2026-03-20
Last Modified: 2026-03-23
Generated: 2026-05-07
AI Q&A: 2026-03-20
EPSS Evaluated: 2026-05-05
Affected Vendors & Products

Showing 1 associated CPE

Vendor   Product   Version / Range
b3log    siyuan    up to 3.6.1 (3.6.1 excluded)
CWE

CWE-79   The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
CWE-184  The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are not allowed by policy or otherwise require other action to neutralize before additional processing takes place, but the list is incomplete.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-32940 is a reflected Cross-Site Scripting (XSS) vulnerability in the SiYuan personal knowledge management system, affecting versions 3.6.0 and below. The issue arises from an incomplete sanitization of data URI schemes in SVG content served by the unauthenticated endpoint /api/icon/getDynamicIcon. Specifically, the SanitizeSVG function blocks certain dangerous data URIs like data:text/html and data:image/svg+xml in href attributes but misses data:text/xml and data:application/xml, which can also render SVG with active JavaScript execution.

An attacker can craft a malicious URL that injects SVG markup containing links with these bypassed MIME types. When a victim navigates to this URL or embeds it via <object> or <embed>, clicking the injected link triggers JavaScript execution, resulting in a click-through XSS attack. The vulnerability is due to embedding user-controlled input directly into SVG markup without escaping, and the incomplete blocklist of dangerous data URI schemes.

This vulnerability was fixed in version 3.6.1 by replacing the blocklist approach with a stricter allowlist that only permits safe image MIME types such as data:image/png, data:image/jpeg, data:image/gif, and data:image/webp.


How can this vulnerability impact me?

This vulnerability allows unauthenticated attackers to perform reflected Cross-Site Scripting (XSS) attacks against users of the SiYuan application. By crafting a malicious URL pointing to the vulnerable endpoint, an attacker can inject SVG content that executes arbitrary JavaScript when a victim clicks on a link within the SVG.

The impact includes the potential execution of malicious scripts in the context of the victim's browser, which can lead to theft of sensitive information, session hijacking, or performing actions on behalf of the victim without their consent.

Because the vulnerable endpoint is unauthenticated and accessible over the network, deployments exposed to the internet or Docker instances with network access are particularly at risk. In the Electron desktop app, the impact depends on specific security settings like nodeIntegration and contextIsolation. [2]


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by testing the unauthenticated endpoint `/api/icon/getDynamicIcon` with crafted URLs that include the `content` parameter containing data URIs with MIME types such as `data:text/xml` or `data:application/xml`. These URIs bypass the sanitizer and allow JavaScript execution via SVG.

Proof-of-concept commands involve sending requests to the vulnerable endpoint with payloads using `data:text/xml` or `data:application/xml` URIs in the `content` parameter and observing if the SVG output preserves these URIs and allows JavaScript execution.

For example, you can use curl or similar tools to send requests like:

  • `curl 'http://<target>/api/icon/getDynamicIcon?type=8&content=<svg><a href="data:text/xml;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==">link</a></svg>'`
  • `curl 'http://<target>/api/icon/getDynamicIcon?type=8&content=<svg><a href="data:application/xml;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==">link</a></svg>'`

If the response SVG contains the injected link with these data URIs intact and clicking the link triggers JavaScript execution, the vulnerability is present. [2]


What immediate steps should I take to mitigate this vulnerability?

The immediate mitigation step is to upgrade the SiYuan application to version 3.6.1 or later, where this vulnerability has been fixed.

The fix replaces the incomplete blocklist of disallowed data URI MIME types with a strict allowlist permitting only safe image MIME types such as:

  • data:image/png
  • data:image/jpeg
  • data:image/gif
  • data:image/webp

This change prevents potentially executable content embedded via data URIs from being processed.

Additionally, if upgrading immediately is not possible, consider restricting network access to the vulnerable endpoint `/api/icon/getDynamicIcon` to trusted users only, or disabling the endpoint temporarily to prevent exploitation.
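The following Go program is an added illustration of the two defects described on this page and is not SiYuan's code. It contrasts a reconstructed blocklist check (its shape is an assumption based on the description: only data:text/html and data:image/svg+xml are rejected) with the allowlist of raster image MIME types that the 3.6.1 fix is described as introducing, and it shows the escaping step an SVG builder using fmt.Sprintf needs so that user-supplied content is emitted as inert text rather than markup. The helper names (dataURIMIMEType, blocklistRejects, allowlistRejects, renderDynamicIcon) and all sample hrefs are hypothetical and constructed for this example.

```go
package main

import (
	"fmt"
	"html"
	"strings"
)

// allowedDataMIMETypes is the allowlist the advisory describes for the fix:
// only raster image types may appear in data: URIs inside href attributes.
var allowedDataMIMETypes = map[string]bool{
	"image/png":  true,
	"image/jpeg": true,
	"image/gif":  true,
	"image/webp": true,
}

// legacyBlockedMIMETypes reconstructs the incomplete blocklist from the
// description (assumption about its shape, not SiYuan's actual source).
var legacyBlockedMIMETypes = map[string]bool{
	"text/html":     true,
	"image/svg+xml": true,
}

// dataURIMIMEType returns the media type of a data: URI and whether the href
// is a data: URI at all. The media type ends at the first ';' (parameters such
// as base64) or ','. Matching is case-insensitive, and an omitted media type
// defaults to text/plain as RFC 2397 specifies, so "data:,x" is still judged.
func dataURIMIMEType(href string) (string, bool) {
	h := strings.ToLower(strings.TrimSpace(href))
	if !strings.HasPrefix(h, "data:") {
		return "", false
	}
	rest := h[len("data:"):]
	if i := strings.IndexAny(rest, ";,"); i >= 0 {
		rest = rest[:i]
	}
	mime := strings.TrimSpace(rest)
	if mime == "" {
		mime = "text/plain"
	}
	return mime, true
}

// blocklistRejects reports whether the legacy blocklist would reject the href.
// It lets data:text/xml and data:application/xml through, which is the gap.
func blocklistRejects(href string) bool {
	mime, isData := dataURIMIMEType(href)
	return isData && legacyBlockedMIMETypes[mime]
}

// allowlistRejects reports whether the href is a data: URI whose media type is
// not one of the permitted raster image types. Non-data: hrefs are out of
// scope for this check and are not rejected by it.
func allowlistRejects(href string) bool {
	mime, isData := dataURIMIMEType(href)
	return isData && !allowedDataMIMETypes[mime]
}

// renderDynamicIcon is a hypothetical stand-in for an SVG builder. The
// vulnerable pattern named in the advisory is fmt.Sprintf over raw user input;
// here the input is escaped first, so any tags it contains become text nodes.
func renderDynamicIcon(content string) string {
	safe := html.EscapeString(content)
	return fmt.Sprintf(`<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 64 64"><text x="8" y="36">%s</text></svg>`, safe)
}

func main() {
	// Constructed sample hrefs, including the two types the blocklist missed.
	samples := []string{
		"data:image/png;base64,iVBORw0KGgo=",
		"data:text/xml;base64,AAAA",
		"data:application/xml,<x/>",
		"DATA:Image/SVG+XML,<svg/>",
		"data:,plain",
		"https://example.invalid/icon.png",
	}
	for _, s := range samples {
		fmt.Printf("%-36s blocklist rejects=%-5v allowlist rejects=%v\n",
			s, blocklistRejects(s), allowlistRejects(s))
	}
	fmt.Println(renderDynamicIcon(`<a href="data:text/xml,x">click</a>`))
}
```

Running it shows the blocklist accepting both text/xml and application/xml while the allowlist rejects everything that is not one of the four image types, including mixed-case and parameter-less data: URIs; the last line shows the injected anchor surviving only as escaped text inside the SVG.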

