CVE-2024-53506 Information

Description

A SQL injection vulnerability has been identified in Siyuan 3.1.11 via the ids array parameter in /batchGetBlockAttrs.

Reference

https://github.com/siyuan-note/siyuan/issues/13060 https://github.com/siyuan-note/siyuan/issues/13077