You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
A arbitrary file deletion vulnerability has been identified in the latest version of Siyuan Note. The vulnerability exists in the POST /api/history/getDocHistoryContent endpoint.An attacker can craft a payload to exploit this vulnerability, resulting in the deletion of arbitrary files on the server.
Details
The vulnerability can be reproduced by sending a crafted request to the /api/history/getDocHistoryContent endpoint.
Sending a request to the /api/history/getDocHistoryContent like:
curl "http://127.0.0.1:6806/api/history/getDocHistoryContent" -X POST -H "Co...
References:
- ADVISORY: https://github.com/advisories/GHSA-8fx8-pffw-w498
- ADVISORY: https://github.com/siyuan-note/siyuan/security/advisories/GHSA-8fx8-pffw-w498
- FIX: https://github.com/siyuan-note/siyuan/commit/d9887aeec1b27073bec66299a9a4181dc42969f3
Cross references:
- github.com/siyuan-note/siyuan/kernel appears in 4 other report(s):
- data/reports/GO-2024-3323.yaml (https://github.com/golang/vulndb/issues/3323)
- data/reports/GO-2024-3324.yaml (https://github.com/golang/vulndb/issues/3324)
- data/reports/GO-2024-3326.yaml (https://github.com/golang/vulndb/issues/3326)
- data/reports/GO-2024-3327.yaml (https://github.com/golang/vulndb/issues/3327)
See [doc/quickstart.md](https://github.com/golang/vulndb/blob/master/doc/quickstart.md) for instructions on how to triage this report.
Advisory GHSA-8fx8-pffw-w498 references a vulnerability in the following Go modules:
Description:
Summary
A arbitrary file deletion vulnerability has been identified in the latest version of Siyuan Note. The vulnerability exists in the
POST /api/history/getDocHistoryContent
endpoint.An attacker can craft a payload to exploit this vulnerability, resulting in the deletion of arbitrary files on the server.Details
The vulnerability can be reproduced by sending a crafted request to the
/api/history/getDocHistoryContent
endpoint.Sending a request to the
/api/history/getDocHistoryContent
like:id: GO-ID-PENDING
modules:
- module: github.com/siyuan-note/siyuan/kernel
non_go_versions:
- introduced: TODO (earliest fixed "", vuln range "< 0.0.0-20250103014808-d9887aeec1b2")
vulnerable_at: 0.0.0-20241231012955-adc819973b71
summary: SiYuan has an arbitrary file deletion vulnerability in github.com/siyuan-note/siyuan/kernel
cves:
- CVE-2025-21609
ghsas:
- GHSA-8fx8-pffw-w498
references:
- advisory: GHSA-8fx8-pffw-w498
- advisory: GHSA-8fx8-pffw-w498
- fix: siyuan-note/siyuan@d9887ae
source:
id: GHSA-8fx8-pffw-w498
created: 2025-01-03T17:01:18.762942657Z
review_status: UNREVIEWED
The text was updated successfully, but these errors were encountered: