1 results (0.001 seconds)
CVSS: 9.6EPSS: 0%CPEs: 1EXPL: 0
CVSS: 9.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-2692 – SiYuan 3.0.3 - RCE via Server Side XSS
https://notcve.org/view.php?id=CVE-2024-2692
SiYuan version 3.0.3 allows executing arbitrary commands on the server. This is possible because the application is vulnerable to Server Side XSS. La versión 3.0.3 de SiYuan permite ejecutar comandos arbitrarios en el servidor. Esto es posible porque la aplicación es vulnerable al Server Side XSS. • https://fluidattacks.com/advisories/dezco https://github.com/siyuan-note/siyuan • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •