NIXPKGS-2026-0926
GitHub issue
published 2 months, 3 weeks ago
by @LeSuisse Activity log
- Created suggestion
- @LeSuisse accepted
- @LeSuisse published on GitHub
SiYuan: Reflected XSS via SVG namespace prefix bypass in SanitizeSVG ( getDynamicIcon, unauthenticated )
-
https://github.com/siyuan-note/siyuan/security/advisories/GHSA-73g7-86qr-jrg3 x_refsource_CONFIRM
-
https://github.com/siyuan-note/siyuan/issues/17246 x_refsource_MISC
-
https://github.com/siyuan-note/siyuan/releases/tag/v3.6.2 x_refsource_MISC
siyuan
- ==>= 3.6.0, < 3.6.2