Platform
go
Component
github.com/siyuan-note/siyuan/kernel
Fixed in
3.5.10
0.0.0-20260304034809-d68bd5a79391
CVE-2026-29183 is a reflected cross-site scripting (XSS) vulnerability in the SiYuan Kernel's dynamic icon API endpoint (/api/icon/getDynamicIcon). An unauthenticated attacker can inject markup into the SVG the endpoint generates, which can lead to data exfiltration and unauthorized actions in the victim's session. Affected are versions of the kernel module prior to 0.0.0-20260304034809-d68bd5a79391; a patched release is available.
The vulnerability is particularly concerning because the endpoint is reachable without authentication. An attacker crafts a URL with type=8 and attacker-controlled text in the content parameter; that text is embedded into the SVG output without escaping, so SVG/HTML elements carrying event handlers such as onerror become part of the document. When a victim opens the link, the browser renders the response as a top-level SVG document and the handler runs JavaScript in the SiYuan web origin, where it can read workspace data, use the victim's session and perform actions on their behalf, most seriously when the victim is logged in. The combination of data exfiltration and session takeover makes this a high-impact bug.
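The bug class described above, as an added example written for this page in Go (the kernel's language); it is not SiYuan's code and does not reproduce the project's actual rendering logic. The two render functions and the <image>/onerror payload are assumptions chosen to show the mechanism: the vulnerable variant concatenates the caller's text into the SVG, the hardened variant escapes it as XML character data first, and inspectSVG parses the result to show the injected element and event handler appearing in one and not the other.

```go
package main

import (
	"encoding/xml"
	"fmt"
	"html"
	"io"
	"strings"
)

// Hypothetical stand-in for a "render caller-supplied text as an SVG icon"
// mode; this is not SiYuan's code, only the bug class the advisory describes.
const svgOpen = `<svg xmlns="http://www.w3.org/2000/svg" width="200" height="48">`

// renderIconVulnerable concatenates the request parameter straight into the
// SVG body, so a value containing markup becomes markup.
func renderIconVulnerable(content string) string {
	return svgOpen + `<text x="8" y="30">` + content + `</text></svg>`
}

// renderIconHardened escapes the value as XML character data first: <, >, &,
// " and ' become entity references and can no longer open a tag or attribute.
func renderIconHardened(content string) string {
	return svgOpen + `<text x="8" y="30">` + html.EscapeString(content) + `</text></svg>`
}

// inspectSVG parses the document and reports how many elements it contains
// and whether any element carries an on* event-handler attribute. Injected
// markup shows up as extra elements; a parse error means the injection was
// not even well-formed XML (a lenient browser may still render it).
func inspectSVG(svg string) (elements int, handler bool, err error) {
	dec := xml.NewDecoder(strings.NewReader(svg))
	for {
		tok, e := dec.Token()
		if e == io.EOF {
			return elements, handler, nil
		}
		if e != nil {
			return elements, handler, e
		}
		if se, ok := tok.(xml.StartElement); ok {
			elements++
			for _, a := range se.Attr {
				if strings.HasPrefix(strings.ToLower(a.Name.Local), "on") {
					handler = true
				}
			}
		}
	}
}

func main() {
	// Constructed payload: an <image> whose href cannot load fires onerror when
	// the SVG is opened as a top-level document.
	payload := `<image href="x" onerror="alert(document.domain)"/>`
	for name, render := range map[string]func(string) string{
		"vulnerable": renderIconVulnerable,
		"hardened":   renderIconHardened,
	} {
		svg := render(payload)
		n, h, err := inspectSVG(svg)
		fmt.Printf("%-10s elements=%d handler=%v err=%v\n%s\n\n", name, n, h, err, svg)
	}
}
```

inspectSVG is also usable on a live response body after patching: a correctly fixed endpoint returns two elements (svg and text) and no handler for the payload above, with the injected markup visible only as &lt;image ... inside the text node. Note that the handler only fires when the browser renders the SVG as a document; the same bytes embedded via an <img> element do not run script.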
CVE-2026-29183 was publicly disclosed on March 4, 2026. Because the endpoint needs no authentication and the attack is a single crafted link, the vulnerability is easy to exploit. No public proof of concept (PoC) had been observed as of the disclosure date, but the simplicity of the vector makes it likely that PoCs will emerge. The vulnerability is not currently listed in CISA KEV, but it warrants close monitoring. Active campaigns targeting SiYuan users are not confirmed, but the risk remains elevated.
Organizations and individuals running SiYuan Kernel are at risk, particularly those who rely on the application for sensitive data management or collaboration. Instances reachable from the internet or from other users on a shared network are most exposed, because the attacker only needs the victim to open a link to the instance. Shared hosting environments where multiple users work on the same SiYuan instance are at increased risk, since a successful attack runs in the origin every user shares.
• linux / server: Monitor requests to /api/icon/getDynamicIcon that carry type=8 together with a content parameter containing tag or event-handler syntax. If SiYuan runs as a systemd service and its request log reaches the journal, follow it live; a reverse-proxy access log is the more reliable source because it records the full query string regardless of parameter order:
journalctl -f -u siyuan | grep -E 'getDynamicIcon.*type=8'
• generic web: Request the endpoint with a harmless marker payload and check whether the markup comes back unescaped in the SVG body. A reflected <image tag or an on* attribute in the response is the tell; curl cannot observe script execution, only reflection. Let curl URL-encode the payload so the request is well-formed:
curl -sG 'http://<siyuan_server>/api/icon/getDynamicIcon' --data-urlencode 'type=8' --data-urlencode 'content=<image href="x" onerror="alert(1)"/>' | grep -q '<image' && echo 'payload reflected unescaped'
Also check the Content-Type of the response: the injected script only runs when the browser renders the response as an SVG document (for example when the link is opened directly), not when it is embedded through an <img> element.
• generic web: Check access and error logs for unusual requests to the endpoint, including percent-encoded or double-encoded <, > and on sequences in the query string.
• wordpress / composer / npm: N/A. The vulnerability is in the SiYuan Kernel, not a WordPress plugin or Node.js package.
• database (mysql, redis, mongodb, postgresql): N/A. The vulnerability does not directly involve database systems.
• windows / supply-chain: N/A. The vulnerability does not directly affect Windows systems or the software supply chain.
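The log check from the list above, as an added example (not SiYuan's code or tooling) in Go: it scans reverse-proxy access-log lines for the endpoint, decodes the query string so parameter order and single or double percent-encoding do not matter, and flags type=8 requests whose content parameter carries tag or handler syntax. The nginx combined-format lines are constructed for this example, not real traffic, and the content parameter name is taken from the curl check above.

```go
package main

import (
	"fmt"
	"net/url"
	"regexp"
	"strings"
)

// Constructed sample access-log lines (nginx "combined" format) from a reverse
// proxy in front of a SiYuan instance; not real traffic.
var sampleLog = []string{
	`10.0.0.5 - - [04/Mar/2026:10:00:01 +0000] "GET /api/icon/getDynamicIcon?type=8&content=Hello HTTP/1.1" 200 412 "-" "Mozilla/5.0"`,
	`10.0.0.9 - - [04/Mar/2026:10:00:07 +0000] "GET /api/icon/getDynamicIcon?type=8&content=%3Cimage%20href%3D%22x%22%20onerror%3D%22alert(1)%22%2F%3E HTTP/1.1" 200 501 "-" "Mozilla/5.0"`,
	`10.0.0.9 - - [04/Mar/2026:10:00:09 +0000] "GET /api/icon/getDynamicIcon?content=%253Csvg%2520onload%253Dalert(1)%253E&type=8 HTTP/1.1" 200 498 "-" "curl/8.5.0"`,
	`10.0.0.5 - - [04/Mar/2026:10:00:12 +0000] "GET /api/icon/getDynamicIcon?type=1&date=2026-03-04 HTTP/1.1" 200 390 "-" "Mozilla/5.0"`,
	`10.0.0.5 - - [04/Mar/2026:10:00:15 +0000] "GET /api/system/version HTTP/1.1" 200 21 "-" "Mozilla/5.0"`,
}

var (
	// Request target between the method and the protocol version.
	requestRe = regexp.MustCompile(`"(?:GET|POST|HEAD) ([^ "]+) HTTP/[0-9.]+"`)
	// Markup that would start an element, an event handler or a script URL
	// once reflected into SVG.
	suspiciousRe = regexp.MustCompile(`(?i)<|on[a-z]+\s*=|javascript:`)
)

// Hit records one flagged request.
type Hit struct {
	Line    int    // 1-based index into the log slice
	Content string // fully decoded content parameter
}

// decodeContent decodes the parameter a second time when it still holds
// percent escapes, so double-encoded payloads do not slip past the check.
func decodeContent(c string) string {
	if strings.Contains(c, "%") {
		if d, err := url.QueryUnescape(c); err == nil {
			return d
		}
	}
	return c
}

// FlagDynamicIconRequests returns every request to the dynamic icon endpoint
// with type=8 whose content parameter contains tag or handler syntax.
func FlagDynamicIconRequests(lines []string) []Hit {
	var hits []Hit
	for i, line := range lines {
		m := requestRe.FindStringSubmatch(line)
		if m == nil {
			continue
		}
		u, err := url.Parse(m[1])
		if err != nil || u.Path != "/api/icon/getDynamicIcon" {
			continue
		}
		q := u.Query() // decodes percent-encoding once, in any parameter order
		if q.Get("type") != "8" {
			continue
		}
		content := decodeContent(q.Get("content"))
		if suspiciousRe.MatchString(content) {
			hits = append(hits, Hit{Line: i + 1, Content: content})
		}
	}
	return hits
}

func main() {
	for _, h := range FlagDynamicIconRequests(sampleLog) {
		fmt.Printf("line %d: suspicious content %q\n", h.Line, h.Content)
	}
}
```

The pattern is deliberately coarse (a benign value such as "Monday=1" also matches on[a-z]+=), so treat hits as triage input rather than alerts; the point is that matching happens on the decoded value, which a grep over the raw encoded line misses.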
disclosure
Exploit status
EPSS
0.01% (1st percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2026-29183 is to upgrade SiYuan Kernel to version 0.0.0-20260304034809-d68bd5a79391 or later without delay. If upgrading is not immediately feasible, reduce exposure in the meantime: operators cannot patch the kernel's output encoding themselves, so place a reverse proxy or Web Application Firewall (WAF) in front of the instance and reject requests to /api/icon/getDynamicIcon whose query string contains <, > or on*= sequences (check percent-encoded and double-encoded forms as well), or restrict the endpoint to trusted networks. Monitor SiYuan and proxy logs for unusual requests to the endpoint. After upgrading, confirm the fix by requesting the endpoint with a crafted URL and verifying that the injected markup appears in the SVG output only as escaped text (&lt;... rather than a tag) and that no event handler survives.
Update SiYuan to the fixed release listed above (3.5.10, kernel pseudo-version 0.0.0-20260304034809-d68bd5a79391) or later. This release fixes the XSS vulnerability reflected through the `/api/icon/getDynamicIcon` endpoint with `type=8` and prevents arbitrary JavaScript from running when a malicious link is opened.
CVE-2026-29183 is a high-impact reflected XSS vulnerability in SiYuan Kernel's dynamic icon API that lets unauthenticated attackers inject markup into the generated SVG and run JavaScript in the victim's session.
You are affected if you are using a version of SiYuan Kernel prior to 0.0.0-20260304034809-d68bd5a79391.
Upgrade SiYuan Kernel to version 0.0.0-20260304034809-d68bd5a79391 or later. Until then, filter or block suspicious requests to /api/icon/getDynamicIcon at a reverse proxy or WAF, or restrict the endpoint to trusted networks.
Active exploitation is not currently confirmed, but the vulnerability's ease of exploitation (a single crafted link, no authentication) means widespread attacks are plausible.
Refer to the official SiYuan project website and security advisories for the latest information and updates.