Количество 2
Количество 2
CVE-2024-55659
SiYuan is a personal knowledge management system. Prior to version 3.1.16, the `/api/asset/upload` endpoint in Siyuan is vulnerable to both arbitrary file write to the host and stored cross-site scripting (via the file write). Version 3.1.16 contains a patch for the issue.
GHSA-fqj6-whhx-47p7
SiYuan has an arbitrary file write in the host via /api/asset/upload
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-55659 SiYuan is a personal knowledge management system. Prior to version 3.1.16, the `/api/asset/upload` endpoint in Siyuan is vulnerable to both arbitrary file write to the host and stored cross-site scripting (via the file write). Version 3.1.16 contains a patch for the issue. | CVSS3: 5.4 | 1% Низкий | около 1 года назад |
| GHSA-fqj6-whhx-47p7 SiYuan has an arbitrary file write in the host via /api/asset/upload | 1% Низкий | около 1 года назад |
Уязвимостей на страницу