1 results (0.003 seconds)

CVSS: 9.6EPSS: 0%CPEs: 1EXPL: 0

SiYuan version 3.0.3 allows executing arbitrary commands on the server. This is possible because the application is vulnerable to Server Side XSS. La versión 3.0.3 de SiYuan permite ejecutar comandos arbitrarios en el servidor. Esto es posible porque la aplicación es vulnerable al Server Side XSS. • https://fluidattacks.com/advisories/dezco https://github.com/siyuan-note/siyuan • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •