SiYuan is an open-source personal knowledge management system. In versions 3.6.1 through 3.6.3, a prior fix for XSS in bazaar README rendering (incomplete fix for CVE-2026-33066) enabled the Lute HTML sanitizer, but the sanitizer does not block iframe tags, and its URL-prefix blocklist does not effectively filter srcdoc attributes which contain raw HTML rather than URLs. A malicious bazaar package author can include an iframe with a srcdoc attribute containing embedded scripts in their README.
When other users view the package in SiYuan's marketplace UI, the payload executes in the Electron context with full application privileges, enabling arbitrary code execution on the user's machine. This issue has been fixed in version 3.6.4.
Attack Parameters
Attack Vector
Network
Can be exploited remotely
Attack Complexity
Low
Easy to exploit
Attack Requirements
None
No additional conditions
Privileges Required
Low
Basic privileges needed
User Interaction
None
No user interaction needed
Impact Assessment
Confidentiality
None
No data leak
Integrity
None
No data modification
Availability
None
No disruption
CVSS Vector v4.0
Weakness Type (CWE)
References 4
https://github.com/advisories/GHSA-4663-4mpg-879v
security-advisories@github.com
https://github.com/siyuan-note/siyuan/commit/b382f50e1880ed996364509de5a10a72d7…
security-advisories@github.com
https://github.com/siyuan-note/siyuan/releases/tag/v3.6.4
security-advisories@github.com
https://github.com/siyuan-note/siyuan/security/advisories/GHSA-8q5w-mmxf-48jg
security-advisories@github.com