Beta Security Release v0.29.3

BookStack v0.29.3 has been released to address an issue that could expose the names of private/restricted books.


The name of a restricted book could be viewed by non-authorised users when the book was on a shelf, and the shelves were viewed in “List View”. This could expose book names to those that did not have permission to see them, when part of a shelf.


This has been patched in version v0.29.3.


Please update otherwise you could temporarily change the name of any private books to remove any sensitive content.



More Information

If you have any questions or comments about this advisory:

Header Image Credits:   unsplash-logoShogo Narita