CVE-2024-55657 | siyuan-note SiYuan up to 3.1.15 /api/template/render path path traversal (GHSA-xx68-37v4-4596)

Posted by Angelo Barbosa | Dec 12, 2024 | CVE

A vulnerability has been found in siyuan-note SiYuan up to 3.1.15 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /api/template/render. The manipulation of the argument path leads to path traversal.

This vulnerability is known as CVE-2024-55657. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-55657 | siyuan-note SiYuan up to 3.1.15 /api/template/render path path traversal (GHSA-xx68-37v4-4596)

Related Posts

CVE-2024-51486 | Ampache up to 7.0.0 Custom URL - Favicon Section cross site scripting

CVE-2022-43890 | IBM Security Verify Privilege On-Premises 11.5 HTTP Request information disclosure (XFDB-240453)

CVE-2024-54221 | Roninwp FAT Services Booking Plugin up to 5.6 on WordPress sql injection

CVE-2024-54266 | ImageRecycle PDF & Image Compression Plugin up to 3.1.16 on WordPress cross site scripting