—
GO-2026-4743
SiYuan has Stored XSS to RCE via Unsanitized Bazaar README Rendering in github.com/siyuan-note/siyuan/kernel
Details
SiYuan has Stored XSS to RCE via Unsanitized Bazaar README Rendering in github.com/siyuan-note/siyuan/kernel
Are you affected?
Enter the version of the package you're using.
Affected packages
Go / github.com/siyuan-note/siyuan/kernel
Introduced in:
0 Fixed in: 0.0.0-20260314111550-b382f50e1880 Fix
go get github.com/siyuan-note/siyuan/kernel@v0.0.0-20260314111550-b382f50e1880