Updated updates page with v23.12.3 info

author Dan Brown <redacted>

Mon, 26 Feb 2024 12:22:15 +0000 (12:22 +0000)

committer Dan Brown <redacted>

Mon, 26 Feb 2024 12:22:15 +0000 (12:22 +0000)
author Dan Brown <redacted>
Mon, 26 Feb 2024 12:22:15 +0000 (12:22 +0000)
committer Dan Brown <redacted>
Mon, 26 Feb 2024 12:22:15 +0000 (12:22 +0000)
diff --git a/content/docs/admin/updates.md b/content/docs/admin/updates.md

index 096cd23d5ef66c15eaa0bc4b059100facde4740e..ffc03dc984a97a16f4e4d2711fcfb2ff1a95e47a 100644 (file)
--- a/content/docs/admin/updates.md
+++ b/content/docs/admin/updates.md
@@ -41,6 +41,10 @@ This is primarily a list of breaking changes & security notices.
  Details of updates can be found on [our blog](https://www.bookstackapp.com/blog/) or via 
  the [GitHub releases page](https://github.com/BookStackApp/BookStack/releases).
  
+#### Updating to v23.12.3 or higher
+
+**Security** - v23.12.3 addresses a vulnerability in PDF generation that could be exploited, by users with the ability to create/edit/update page content, to perform blind server-side-request forgery.
+
  #### Updating to v23.12 or higher
  
  **Page Includes** - The way page include content is fetched & merged has changed significantly in this release, which in some cases may alter how included content appears on the page.
author	Dan Brown <redacted>
	Mon, 26 Feb 2024 12:22:15 +0000 (12:22 +0000)
committer	Dan Brown <redacted>
	Mon, 26 Feb 2024 12:22:15 +0000 (12:22 +0000)