github BookStackApp/BookStack v21.08.2
BookStack v21.08.2

latest releases: v24.10.1, v24.10, v24.05.4...
3 years ago

Security Release

This security release is intended to cover a couple of XSS vulnerabilities, where a malicious user with page edit access could enter script that would execute upon page view. You should update as soon as possible if you allow untrusted users to edit content in your instance.

In addition, this releases expands the CSP headers set by BookStack to help avoid any similar vulnerabilities from being effective going forward. If you've performed some more advanced customizations on your instance, they may need to be altered to work with the built-in CSP system.

Don't miss a new BookStack release

NewReleases is sending notifications on new releases.