CVE-2026-31807 Overview
CVE-2026-31807 is a Cross-Site Scripting (XSS) vulnerability in SiYuan, a personal knowledge management system developed by B3log. The vulnerability exists in SiYuan's SVG sanitizer (SanitizeSVG), which fails to block SVG animation elements such as <animate> and <set>. The sanitizer correctly blocks dangerous elements like <script>, <iframe>, and <foreignobject>, and removes on* event handlers and javascript: values in href attributes, but those checks only see the attribute values present in the markup at sanitization time. An SVG animation element can rewrite an attribute to a dangerous value once the browser renders the document, so the static checks are bypassed without any forbidden element or attribute appearing in the submitted SVG.
This vulnerability is a bypass of the fix for CVE-2026-29183, which was addressed in version 3.5.9. The unauthenticated /api/icon/getDynamicIcon endpoint, when called with type=8, returns attacker-supplied SVG to the browser after passing it through SanitizeSVG, so a crafted payload results in a reflected XSS attack.
Critical Impact
Attackers can execute arbitrary JavaScript in the context of a victim's browser session, potentially leading to session hijacking, credential theft, or malicious actions performed on behalf of authenticated users.
Affected Products
- B3log SiYuan versions prior to 3.5.10
Discovery Timeline
- 2026-03-10 - CVE CVE-2026-31807 published to NVD
- 2026-03-11 - Last updated in NVD database
Technical Details for CVE-2026-31807
Vulnerability Analysis
The vulnerability stems from an incomplete implementation of the SVG sanitization logic in SiYuan's SanitizeSVG function. SVG's SMIL animation elements (<animate> and <set>) modify element attributes after the initial DOM parsing, so an attacker can use them to write values that the sanitizer would reject if they appeared literally in the markup.
When an SVG is processed by the sanitizer, it passes through checks that block known dangerous elements and remove event handler attributes. Because animation elements are legitimate SVG features they are not blocked, and the attributes they carry (attributeName, to, values) are not the ones the sanitizer inspects. An attacker can therefore craft an SVG whose animation element sets an href attribute to a javascript: URI, or rewrites another attribute, at render time, after the sanitization phase has completed.
The vulnerable endpoint /api/icon/getDynamicIcon with parameter type=8 is unauthenticated, so the payload is reflected without the attacker holding an account, and the victim who opens the link does not need to be logged in for the script to run. The session-hijacking impact described above does, however, require a victim with an authenticated SiYuan session.
Root Cause
The root cause is an incomplete blocklist in the SVG sanitizer. SanitizeSVG was designed to strip dangerous elements and attributes, but it did not account for SVG animation elements that modify the DOM after parsing. A check that inspects only the attribute values present in the markup never sees the value an animation will write later, so either the animation elements themselves must be removed (the approach taken by the fix) or their target attributes and values must be validated as strictly as the static ones.
This is a classic sanitizer bypass: the security boundary was defined by what the markup says at parse time, while the browser's runtime behaviour differs from that static view.
Attack Vector
The attack is network-based and requires user interaction. An attacker crafts a URL pointing to the /api/icon/getDynamicIcon endpoint with type=8 and a crafted SVG payload in the query string. When a victim opens the link, the response is rendered as a top-level SVG document in the browser, the animation elements execute, and JavaScript runs in the origin of the SiYuan instance. Scripts do not run in SVGs loaded through <img> or as CSS backgrounds, which is why the victim has to navigate to the URL directly.
The exploitation flow: the SVG contains an <animate> or <set> element targeting an attribute (such as href on an <a> element) with a javascript: URI as the animation value. Nothing in the markup trips the static checks, so the relevant parts of the document are returned unchanged; once the browser applies the animation the attribute carries the malicious URI and the payload is triggered.
For detailed technical information on the vulnerability mechanism and proof-of-concept details, refer to the GitHub Security Advisory.
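To make the bypass concrete, the following Go program is an added example written for this page; it is not SiYuan's SanitizeSVG and makes no claim about how that function is structured internally. It models the rules the advisory describes (drop <script>, <iframe> and <foreignObject>, strip on* attributes and javascript: hrefs) over an encoding/xml token stream, then shows that a constructed payload using <set> survives those rules with its javascript: value intact, and that adding the animation elements to the blocklist, as the 3.5.10 fix does, removes it. Including <animateMotion> and <animateTransform> in the animation list is my assumption, not something the advisory states.

```go
package main

import (
	"encoding/xml"
	"fmt"
	"io"
	"strings"
)

// Elements the pre-3.5.10 logic blocks, per the advisory text.
var blockedElements = map[string]bool{"script": true, "iframe": true, "foreignobject": true}

// SMIL animation elements. The advisory names <animate> and <set>; the other two
// are my addition, assuming anything that rewrites attributes at render time must go.
var animationElements = map[string]bool{"animate": true, "set": true, "animatemotion": true, "animatetransform": true}

var escAttr = strings.NewReplacer("&", "&amp;", "<", "&lt;", ">", "&gt;", `"`, "&quot;")
var escText = strings.NewReplacer("&", "&amp;", "<", "&lt;", ">", "&gt;")

// encoding/xml resolves prefixes to namespace URIs; restore xlink for output.
func qualified(n xml.Name) string {
	switch n.Space {
	case "xmlns":
		return "xmlns:" + n.Local
	case "http://www.w3.org/1999/xlink", "xlink":
		return "xlink:" + n.Local
	}
	return n.Local
}

// dropAttr is the static attribute check: on* handlers and javascript: in href/xlink:href.
// The decoder has already expanded character references, so "&#106;avascript:" arrives as "javascript:".
func dropAttr(a xml.Attr) bool {
	local := strings.ToLower(a.Name.Local)
	if strings.HasPrefix(local, "on") {
		return true
	}
	return local == "href" &&
		strings.HasPrefix(strings.ToLower(strings.TrimSpace(a.Value)), "javascript:")
}

// SanitizeSVG re-serializes the token stream, dropping blocked elements with their
// subtrees and dropping dangerous attributes. blockAnimation=false models the
// bypassable rule set; true models the hardened one.
func SanitizeSVG(svg string, blockAnimation bool) (string, error) {
	dec := xml.NewDecoder(strings.NewReader(svg))
	var out strings.Builder
	skip := 0 // depth inside a dropped subtree
	for {
		tok, err := dec.Token()
		if err == io.EOF {
			return out.String(), nil
		}
		if err != nil {
			return "", err
		}
		// Comments, processing instructions and DOCTYPE directives match no case and are dropped.
		switch t := tok.(type) {
		case xml.StartElement:
			name := strings.ToLower(t.Name.Local)
			if skip > 0 || blockedElements[name] || (blockAnimation && animationElements[name]) {
				skip++
				continue
			}
			out.WriteString("<" + qualified(t.Name))
			for _, a := range t.Attr {
				if !dropAttr(a) {
					fmt.Fprintf(&out, ` %s="%s"`, qualified(a.Name), escAttr.Replace(a.Value))
				}
			}
			out.WriteString(">")
		case xml.EndElement:
			if skip > 0 {
				skip--
				continue
			}
			out.WriteString("</" + qualified(t.Name) + ">")
		case xml.CharData:
			if skip == 0 {
				out.WriteString(escText.Replace(string(t)))
			}
		}
	}
}

// Constructed payloads. The first is caught by the static rules; the second has the
// shape the advisory describes: nothing forbidden at parse time, but <set> rewrites
// href to a javascript: URI once the browser renders it.
const staticPayload = `<svg xmlns="http://www.w3.org/2000/svg" onload="alert(1)">
<script>alert(1)</script><a href="&#106;avascript:alert(1)"><text>click</text></a></svg>`

const animationPayload = `<svg xmlns="http://www.w3.org/2000/svg"><a><text>click</text>
<set attributeName="href" to="javascript:alert(document.domain)"/></a></svg>`

func main() {
	out, _ := SanitizeSVG(staticPayload, false)
	fmt.Println("static payload, old rules:\n" + out)
	for _, block := range []bool{false, true} {
		out, _ = SanitizeSVG(animationPayload, block)
		fmt.Printf("\nanimation payload, blockAnimation=%v:\n%s\n", block, out)
	}
}
```

Run it with go run to see the three sanitized documents. The static payload deliberately uses an entity-encoded scheme (&#106;avascript:) to show why the check must run on decoded tokens: a sanitizer that pattern-matches the raw text would miss it, while one working on the parsed attribute value catches it. The animation payload contains nothing that those same checks reject, which is the whole point of the bypass.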
Detection Methods for CVE-2026-31807
Indicators of Compromise
- HTTP requests to /api/icon/getDynamicIcon endpoint with type=8 parameter containing SVG content with <animate> or <set> elements
- SVG files containing animation elements that modify href, xlink:href, or other potentially dangerous attributes
- Unexpected JavaScript execution originating from SVG icon rendering
Detection Strategies
- Implement web application firewall (WAF) rules that flag SVG payloads containing <animate>, <set> or other SMIL animation elements (such as <animateTransform>) together with a javascript: scheme; decode percent-encoding and XML character references (for example &#106;avascript:) before matching, otherwise a trivially encoded payload passes the rule
- Monitor HTTP access logs for requests to /api/icon/getDynamicIcon with type=8 whose query string carries SVG markup (a URL-decoded <svg, <set or <animate) rather than plain parameter values
- Serve the endpoint's responses with a Content-Security-Policy that forbids script execution (see Workarounds); the browser then refuses the javascript: navigation even when a bypass reaches the renderer
Monitoring Recommendations
- Enable access logging that records full query strings, on SiYuan instances or on the reverse proxy in front of them, for all /api/icon/ requests; the payload travels in the URL, so a log that truncates or omits query strings gives nothing to search
- Alert on type=8 requests to /api/icon/getDynamicIcon whose decoded query contains animation elements or a javascript: scheme; a plain HTTP 200 on this endpoint is normal traffic and is not a signal by itself
- Review web server logs for patterns indicative of XSS probing, such as bursts of type=8 requests that carry differently encoded variants of the same markup
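The following Go program is an added example (not part of this page or of SiYuan) that applies the detection logic above to constructed access-log lines in nginx/Apache combined format. It flags only type=8 requests to /api/icon/getDynamicIcon, examines every query parameter rather than relying on a parameter name (the name content in the samples is an assumption), and normalizes each value through percent-decoding, XML character-reference decoding, control-character removal and lowercasing before matching, so a payload with an entity-encoded scheme is caught alongside the plain one.

```go
package main

import (
	"fmt"
	"html"
	"net/url"
	"regexp"
	"strings"
	"unicode"
)

// Finding records one suspicious request (Line is 1-based in the input).
type Finding struct {
	Line   int
	Param  string
	Reason string
}

// Request target from combined-format access logs.
var requestRe = regexp.MustCompile(`"(?:GET|POST) (\S+) HTTP/`)

// SMIL animation elements; \b keeps "<settings" or "<animated" from matching.
var smilRe = regexp.MustCompile(`(?i)<\s*(animate|set|animatemotion|animatetransform)\b`)

// normalize undoes the layers a payload can hide behind: a second percent-encoding
// layer (ParseQuery removed the first), XML/HTML character references such as
// &#106;avascript:, control characters browsers ignore inside a scheme, and case.
func normalize(v string) string {
	if d, err := url.QueryUnescape(v); err == nil {
		v = d
	}
	v = html.UnescapeString(v)
	v = strings.Map(func(r rune) rune {
		if unicode.IsControl(r) {
			return -1
		}
		return r
	}, v)
	return strings.ToLower(v)
}

// Inspect flags a type=8 getDynamicIcon request whose query carries SVG animation
// markup. Every parameter is examined, so the parameter name does not matter.
func Inspect(line string) (Finding, bool) {
	m := requestRe.FindStringSubmatch(line)
	if m == nil {
		return Finding{}, false
	}
	u, err := url.Parse(m[1])
	if err != nil || u.Path != "/api/icon/getDynamicIcon" {
		return Finding{}, false
	}
	q := u.Query()
	if q.Get("type") != "8" {
		return Finding{}, false
	}
	for name, vals := range q {
		for _, raw := range vals {
			v := normalize(raw)
			if !smilRe.MatchString(v) {
				continue
			}
			reason := "SVG animation element in query"
			if strings.Contains(v, "javascript:") {
				reason = "SVG animation element with javascript: URI (CVE-2026-31807 pattern)"
			}
			return Finding{Param: name, Reason: reason}, true
		}
	}
	return Finding{}, false
}

// Scan runs Inspect over every line and numbers the findings.
func Scan(lines []string) []Finding {
	var out []Finding
	for i, l := range lines {
		if f, ok := Inspect(l); ok {
			f.Line = i + 1
			out = append(out, f)
		}
	}
	return out
}

// Constructed sample lines, not captured traffic. Line 3 encodes the scheme as
// character references so that a naive substring match on the raw log would miss it.
var sampleLog = []string{
	`203.0.113.5 - - [10/Mar/2026:10:01:02 +0000] "GET /api/icon/getDynamicIcon?type=1&color=%23ff0000 HTTP/1.1" 200 512 "-" "Mozilla/5.0"`,
	`203.0.113.5 - - [10/Mar/2026:10:01:09 +0000] "GET /api/icon/getDynamicIcon?type=8&content=%3Csvg%3E%3Ca%3E%3Cset%20attributeName%3D%22href%22%20to%3D%22javascript%3Aalert(1)%22%2F%3E%3C%2Fa%3E%3C%2Fsvg%3E HTTP/1.1" 200 210 "-" "curl/8.0"`,
	`198.51.100.7 - - [10/Mar/2026:10:02:31 +0000] "GET /api/icon/getDynamicIcon?type=8&content=%3Csvg%3E%3Ca%3E%3Canimate%20attributeName%3D%22href%22%20values%3D%22%26%23106%3Bavascript%3Aalert(document.domain)%22%2F%3E%3C%2Fa%3E%3C%2Fsvg%3E HTTP/1.1" 200 198 "-" "Mozilla/5.0"`,
	`198.51.100.7 - - [10/Mar/2026:10:03:00 +0000] "GET /api/icon/getDynamicIcon?type=8&content=%3Csvg%3E%3Ccircle%20r%3D%225%22%2F%3E%3C%2Fsvg%3E HTTP/1.1" 200 96 "-" "Mozilla/5.0"`,
	`192.0.2.9 - - [10/Mar/2026:10:04:12 +0000] "GET /assets/logo.svg?type=8&content=%3Cset%3E HTTP/1.1" 404 0 "-" "Mozilla/5.0"`,
}

func main() {
	for _, f := range Scan(sampleLog) {
		fmt.Printf("line %d, param %q: %s\n", f.Line, f.Param, f.Reason)
	}
}
```

Running it reports lines 2 and 3 and stays quiet on the benign type=8 icon and on the request to a different path. To also catch static probes (on* handlers or a literal javascript: href, which the pre-fix sanitizer already blocks but which still indicate reconnaissance), add a second pattern next to smilRe and a matching reason string.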
How to Mitigate CVE-2026-31807
Immediate Actions Required
- Upgrade SiYuan to version 3.5.10 or later immediately
- If immediate patching is not possible, restrict network access to SiYuan instances to trusted users only; this reduces exposure but does not remove it, since a reflected XSS still works against a trusted user who opens a crafted link
- Consider placing a reverse proxy with SVG filtering capabilities in front of SiYuan deployments
Patch Information
The vulnerability is fixed in SiYuan version 3.5.10. Users should upgrade to this version or later to remediate the vulnerability. The fix enhances the SanitizeSVG function to block SVG animation elements that can be used to bypass the existing sanitization. For more details, see the GitHub Security Advisory.
Workarounds
- Block type=8 requests to /api/icon/getDynamicIcon at the reverse proxy if that icon type is not required; blocking the whole endpoint also breaks the other dynamic icon types
- Add a Content-Security-Policy header (for example default-src 'none') to responses from that endpoint so the browser refuses javascript: navigation and inline script inside the rendered SVG; this is a stopgap that does not change the server-side sanitizer, and any inline styles the icons rely on then need an explicit style-src allowance
- Deploy a web application firewall rule that strips or blocks SVG animation elements in incoming requests, decoding percent-encoding and XML character references before matching
# Example nginx configuration: refuse the vulnerable icon type at the proxy
# until the instance is patched. "if" inside "location" is safe here because
# its only action is "return"; $arg_type reads the type= query parameter.
location /api/icon/getDynamicIcon {
    if ($arg_type = "8") {
        return 403;
    }
    proxy_pass http://siyuan_backend;
}
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

