Skip to content

BookStack Beta v0.30.5
Compare
Choose a tag to compare
@ssddanbrown ssddanbrown released this 06 Dec 21:14
v0.30.5
This tag was signed with the committer’s verified signature.
ssddanbrown Dan Brown
GPG key ID: 46D9F943C24A2EF9
Verified
Learn about vigilant mode.
eecc08e
This commit was signed with the committer’s verified signature.
ssddanbrown Dan Brown
GPG key ID: 46D9F943C24A2EF9
Verified
Learn about vigilant mode.

Security Release

Phishing and and server-side request forgery vulnerabilities have been found within BookStack. Release v0.30.5 will remove this server-side request forgery issue while bringing updated wording and advisories to prevent the potential phishing vulnerability. You should ensure you've set the APP_URL option in your .env file to prevent likelihood of the phishing attack. Please view the above report or blogpost links for more detail.

Assets 2
Loading