BookStack Security Release v23.12.3

BookStack v23.12.3 has been released. This is a security release that addresses a vulnerability in PDF generation that could be exploited to perform blind server-side-request forgery.

Upgrade is advised where untrusted users have permission to create/edit/update page content in your instance.

Full List of Changes

  • Updated PHP dependencies, primarily to update php-svg-lib package.

For More Information

If you have any questions or comments about this advisory:

Header Image Credits: Photo by duong chung on Unsplash