CVE-2024-2692

CVE-2024-2692

CVE-2024-2692 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

SiYuan version 3.0.3 allows executing arbitrary commands on the server. This is possible because the application is vulnerable to Server Side XSS.

Learn more about our Cis Benchmark Audit For Server Software.