CIRCLE WITH A DOT

Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

bookstack@fosstodon.org

@bookstack@fosstodon.org

Topics

B

BookStack Security Release v26.03.2 is now available.
Watching Ignoring Scheduled Pinned Locked Moved Uncategorized
3

0 Votes

3 Posts

0 Views

B

@dusoft Logins/registration via social systems did not have the same vulnerability. This only affected registrations via in-built email/password register form, which can be used when the 'standard' primary authentication type is used, and when the registration option is enabled in the BookStack settings.
B

BookStack v25.12.9 has been released.
Watching Ignoring Scheduled Pinned Locked Moved Uncategorized
1

0 Votes

1 Posts

0 Views

B

BookStack v25.12.9 has been released.This is a security release to address a vulnerability where style code in page content could be used to manipulate the page beyond the expected content area in some revision views, opening up risk of potential phishing and/or tracking by bad page editors.We advise that you update your instance if you allow untrusted users to create or edit pages.https://www.bookstackapp.com/blog/bookstack-release-v25-12-9/

CIRCLE WITH A DOT

bookstack@fosstodon.org

Topics

BookStack Security Release v26.03.2 is now available.

BookStack v25.12.9 has been released.