BookStack Security Release v21.10.2

BookStack v21.10.2 has been released. This is a security release that builds upon changes in v21.10.1 which covers a vulnerability which would allow malicious users, who have permission to update or create pages, to upload content that could then be utilized for phishing or other general malicious intent.

If you allow untrusted users to edit page content you should update as soon as possible.

Full List of Changes

  • Made further fixes to address image upload vulnerability. Thanks again to @haxatron (#3019)
  • Updated translations with latest changes from Crowdin. (#3014)

For More Information

If you have any questions or comments about this advisory:

Header Image Credits: Photo by Chepe Nicoli on Unsplash