Simon/siyuan
1
0
Fork 0
mirror of https://github.com/siyuan-note/siyuan.git synced 2026-06-27 22:36:00 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
feature/setSort-api
siyuan/.github/SECURITY.md
Daniel e9536d57f2 🔒 Update secruity report 
Signed-off-by: Daniel <845765@qq.com>
2026-05-04 13:30:02 +08:00

665 B
Raw Permalink Blame History

Security report

If you find security-related vulnerabilities, please create a Security Advisories:

https://github.com/siyuan-note/siyuan/security/advisories/new

Some areas we don't consider security vulnerabilities:

  • Arbitrary file write: Writing files outside the workspace path (e.g., exporting files) is a common user need
  • Chart/Formula/ABC rendering code injection: This is a common user need, for details please refer to https://github.com/siyuan-note/siyuan/pull/6917
  • SQL injection
  • Pandoc Argument Injection: Allowing the setting of --lua-filter is a common user need
  • SSRF netImg2LocalAssets / netAssets2LocalAssets

Thank you very much!

Reference in New Issue View Git Blame Copy Permalink