SiYuan - Remote Code Execution via Malicious Bazaar Package Metadata and README

An attacker publishes a malicious package to the SiYuan Bazaar marketplace. The package's `displayName` or `description` fields contain an XSS payload (e.g., `<img src=x onerror="require('child_process').exec('calc.exe')">`). Because the metadata is rendered without HTML escaping [ref_id=1], the payload executes automatically when any user loads the Bazaar listing page—no click or installation is required. A secondary vector uses a malicious `README.md` with embedded raw HTML; when the user clicks to view the package details, the unsanitized README is injected via `innerHTML` [ref_id=1]. Both vectors exploit Electron's `nodeIntegration: true` setting to escalate XSS into full remote code execution.

The vulnerability spans three areas: metadata rendering in `app/src/config/bazaar.ts:275-277` where `displayName` and `description` are injected into HTML without escaping; README rendering in `kernel/bazaar/package.go:635-645` where `lute.New()` is called without `SetSanitize(true)`, allowing raw HTML to pass through; and the Electron configuration in `app/electron/main.js:422-426` which enables `nodeIntegration: true` and `contextIsolation: false`, granting full OS command execution to any injected script.

The advisory recommends three fixes [ref_id=1]. First, escape package metadata in `bazaar.ts` by passing `displayName` and `description` through an `escapeHtml()` function before template interpolation. Second, enable `luteEngine.SetSanitize(true)` in `package.go` so that the Lute markdown engine strips dangerous HTML from README output. Third, as a long-term hardening measure, set `nodeIntegration: false`, `contextIsolation: true`, and `sandbox: true` in the Electron `webPreferences` to prevent any injected script from accessing Node.js APIs.